Hello! I run a small hosting company and I’ve leased a /24 subnet and my IPs provider has very strict rules regarding abuses. Can anyone help me with some example rules to detect brute force attacks and port scanning going outside of our network to the internet? We’re running proxmox on Debina 10…

Outbound: Port Scanning & Brute Force detection

FlorinMarian March 19, 2022, 5:45am 3

It works just fine using ET Rules to detect outbound SSH scans but I still have issues blocking port scanning outbound.
Any tip for this achievement?
Thank you!

Nmap Detection via Suricata

Topic		Replies	Views
Detect Port Scanning Help	2	1453	September 19, 2022
Nmap Detection via Suricata Rules suricata	1	5244	May 2, 2022
Unreal_ircd_3281_backdoor) Rules	10	787	February 21, 2021
Question about SSH SCAN rule Help suricata	1	1114	November 16, 2022
Suricata not detecting some packets in a pcap Help rules , suricata , pcaps	4	714	August 10, 2023

Outbound: Port Scanning & Brute Force detection

Related Topics