To reduce the chance of a hacker identifying your firewall through direct scanning, you can use an intrusion detection system (IDS), ACLs on your routers, or both.
IDS:
- can both log and recognize a portscan
- can prevent the scan from ever reaching the firewall itself
- only detects port scanning when it arrives in high numbers from a single location
- a more advanced hacker can fool the system by using multiple scanning hosts and spreading their scans out over time
ACL:
- provides more protection
- blocks specific ports that you want to remain hidden