In other words, anyone hitting those ports that are not being used at all except by our sniff protector would allow instant banning.
So... does something like this exist?
I don't know of a program that specifically listens to defined ports and acts on that, but fail2ban would accomplish the end result adequately.
jlc
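
The kind of log matching a fail2ban-style setup would rely on for this, sketched in Python as an added example that is not part of the original thread. It assumes the firewall logs hits on the unused ports with an iptables LOG rule whose prefix is `PORTTRAP: `; the prefix, port set, allowlist and log lines are all constructed for illustration.

```python
import re
from ipaddress import ip_address, ip_network

# Assumptions (not from the thread): hits on the unused ports are logged by
# an iptables LOG rule with the prefix "PORTTRAP: ".
TRAP_PORTS = {23, 135, 3389}               # constructed set of unused ports
# Source addresses of single packets can be forged, so own hosts are never banned.
NEVER_BAN = [ip_network("192.0.2.0/24")]   # constructed allowlist

LINE_RE = re.compile(
    r"PORTTRAP: .*?\bSRC=(?P<src>[0-9a-fA-F.:]+) .*?"
    r"\bPROTO=(?P<proto>TCP|UDP) .*?\bDPT=(?P<dpt>\d+)\b"
)

def hosts_to_ban(lines, max_hits=1):
    """Return source IPs that hit a trap port at least max_hits times."""
    hits = {}
    for line in lines:
        m = LINE_RE.search(line)
        if not m or int(m["dpt"]) not in TRAP_PORTS:
            continue
        try:
            src = ip_address(m["src"])
        except ValueError:
            continue  # malformed address field, skip the line
        if any(src in net for net in NEVER_BAN):
            continue  # allowlisted host, never ban
        hits[str(src)] = hits.get(str(src), 0) + 1
    return sorted(ip for ip, n in hits.items() if n >= max_hits)

# Constructed sample log lines (documentation address ranges only).
SAMPLE_LOG = [
    "Jan 12 03:14:07 gw kernel: PORTTRAP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51234 DPT=23 SYN",
    "Jan 12 03:14:09 gw kernel: PORTTRAP: IN=eth0 OUT= SRC=198.51.100.44 DST=192.0.2.10 LEN=60 TTL=49 PROTO=TCP SPT=40022 DPT=3389 SYN",
    "Jan 12 03:14:11 gw kernel: PORTTRAP: IN=eth0 OUT= SRC=192.0.2.55 DST=192.0.2.10 LEN=60 TTL=64 PROTO=TCP SPT=40100 DPT=135 SYN",
    "Jan 12 03:14:12 gw kernel: DROP: IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.10 LEN=60 TTL=50 PROTO=TCP SPT=40200 DPT=23 SYN",
    "Jan 12 03:14:15 gw kernel: PORTTRAP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51240 DPT=135 SYN",
]

if __name__ == "__main__":
    for ip in hosts_to_ban(SAMPLE_LOG):
        print("ban", ip)
```

With `max_hits=1` a single hit is enough, which matches the "instant banning" asked for; raising it trades speed for tolerance of stray packets.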