Consider adding portspoof - a tool to trap network hunters
Migrated from: https://tracker.clearos.com/view.php?id=8341
Reported by: Peter Baldwin
For a big picture overview, see http://resources.infosecinstitute.com/fool-network-hunters-hackers/; for details, see http://portspoof.org/.
FYI: This is a customer feature request via ClearCARE.
Developer comment:
This will be hard to implement because of how it uses the firewall. It suggests using ranges of ports but we'd have to take care that they don't clash with ports in use. At the same time the multiport
option can only have 15 or 16 ports, limiting you to 7 or 8 port ranges. Otherwise you need multiple rules.