Zusammenfassung:
Currently, IP networks are constantly harmed by several attack
techniques such as port scans, denial of service, brute force attacks,
etc., which can collapse the continuity of business services. To
address this problem, this paper focuses on an alternative solution
for detection, block, and prevention of port scanning attacks.
Particularly, this implementation is an alternative engine to
automatically block specialized tool scans, namely PSAD (Port
Scan Attack Detector), but it is conceptualized differently from
the features that the program offers. To carry out this work, we
have designed and implemented a virtual network environment
that is to be configured as an experimenting platform with port
scan attacks. To neutralize such attacks, we performed a security
mechanism that takes the data reported by the PSAD and using
parameterized variables (block time and level of category)
automatic locks become viable, including custom records and
notifications via e-mail...