Hi All
im wondering if there is anyway to know who is using port scanner apps like fing or eznet or netcat and block them
i mean when user just to open or start scan apps then server drop his connection and block his first used mac address in ip binding,,, is there anyway to do that via firewall or something like that ?
Re: block port scanner apps users
What are the characteristics of a port scanning application?
That may give you a clue.
Number of connections per period of time?
Outgoing ports that make no sense for a typical user?
That may give you a clue.
Number of connections per period of time?
Outgoing ports that make no sense for a typical user?
Re: block port scanner apps users
i mean that apps scan and show ip and mac address of users that hack use it to access internet by use those macsWhat are the characteristics of a port scanning application?
That may give you a clue.
Number of connections per period of time?
Outgoing ports that make no sense for a typical user?
Re: block port scanner apps users
Your posts dont make any sense.
Please choose the correct problem.
1. I want to find out who on my LANs are running port scans of other routers on the internet.
2. I want to block port scans on my router (scanning my router from the outside).
Please choose the correct problem.
1. I want to find out who on my LANs are running port scans of other routers on the internet.
2. I want to block port scans on my router (scanning my router from the outside).
Last edited by anav on Sun Jun 17, 2018 7:43 pm, edited 1 time in total.
-
-
CZFan
Forum Guru
- Posts: 2098
- Joined:
- Location: South Africa, Krugersdorp (Home town of Brad Binder)
- Contact:
Re: block port scanner apps users
FIFY:
"Please choose the correct problem.
1. I want to find out who on my LANs are running port scans of other routers on the internet.
2. I want to block port scans to my router / network."
"Please choose the correct problem.
1. I want to find out who on my LANs are running port scans of other routers on the internet.
2. I want to block port scans to my router / network."
Re: block port scanner apps users
1 . i want to fint out who on my lans are running port scan apps of other users address on my networkYour posts dont make any sense.
Please choose the correct problem.
1. I want to find out who on my LANs are running port scans of other routers on the internet.
2. I want to block port scans on my router (scanning my router from the outside).
2 . i want to block port scan apps users on my network.
i suggest some ideas in my post and want to apply it from some network profs.
Re: block port scanner apps users
Weird, so you have a bunch of users that are scanning ports on your LANS?
I dont see this as a problem because By being on the LAN they can access all the IPs on a LAN, as they are on layer 2, so there is no real expectation of security other than what you put on each PC for firewall or AV.
However if you have different subnets, put them on different interfaces and then use FW rules to block subnet to subnet traffic.
I dont see this as a problem because By being on the LAN they can access all the IPs on a LAN, as they are on layer 2, so there is no real expectation of security other than what you put on each PC for firewall or AV.
However if you have different subnets, put them on different interfaces and then use FW rules to block subnet to subnet traffic.
Re: block port scanner apps users
that users who use scan apps can get another users mac addresses then copy it and access in free internet cuz i use hotspot server and use 1 dhcp serverWeird, so you have a bunch of users that are scanning ports on your LANS?
I dont see this as a problem because By being on the LAN they can access all the IPs on a LAN, as they are on layer 2, so there is no real expectation of security other than what you put on each PC for firewall or AV.
However if you have different subnets, put them on different interfaces and then use FW rules to block subnet to subnet traffic.
thats why am asking if there someway to block scan apps
my idea is if there a way to get the user who is using scan app then block his first main mac address be4 get any mac or his scan app work ... thats my idea and need some1 expert can apply it in some rules
Re: block port scanner apps users
i share this idea cuz some expert user could make some rules to block freedom app that work before login to hotspot server ....the freedom app is like vpn app and can access the hotspot without registering any account ,, and some expert user made some rules can get any user using freedom app and drop his connection and put his ip address in firewall address list....he depends on put freedom app servers in layer7 firewall address list then drop them in firewall filter
and im thinking if there is away like that to figure out scan apps users and block thier first main mac address..
i will put freedom app block rules down and need some1 to help me making some rules like it but to block scan apps
ip firewall layer7-protocol add name=freedom regexp="^.+(2yf.de|1yf.de|freedom.net|your-freedom.de|your-freedom)"
ip firewall filter add action=drop comment="block-freedom-maxupgrade" chain=pre-hs-input layer7-protocol=freedom
ip firewall mangle
add action=add-src-to-address-list address-list=freedom address-list-timeout=1d chain=prerouting layer7-protocol=freedom comment="freedom-maxupgrade"
and im thinking if there is away like that to figure out scan apps users and block thier first main mac address..
i will put freedom app block rules down and need some1 to help me making some rules like it but to block scan apps
ip firewall layer7-protocol add name=freedom regexp="^.+(2yf.de|1yf.de|freedom.net|your-freedom.de|your-freedom)"
ip firewall filter add action=drop comment="block-freedom-maxupgrade" chain=pre-hs-input layer7-protocol=freedom
ip firewall mangle
add action=add-src-to-address-list address-list=freedom address-list-timeout=1d chain=prerouting layer7-protocol=freedom comment="freedom-maxupgrade"