I want to block intruders via
psad, but HTTP and HTTPS should not be blocked. For example, if someone is scanning my dedicated server via nmap, psad should block him for 2 hours, but he should still see the contents from my domain.
I set AUTO_BLOCK_TIMEOUT to a value of 7200, so everyone scanning me is completely blocked for 2 hours. Woefully the attacker is also blocked from seeing my webpage, which is not my intention.
Is there any possibility to set up a partial blockage via psad?
Asked by Mister natZONE
(23 rep)
Aug 26, 2014, 01:27 PM
Last activity: Aug 26, 2014, 01:52 PM
Last activity: Aug 26, 2014, 01:52 PM