Assuming that a host does not require a Telnet service running in it, is it possible to create a fake telenet process that listens to the Telnet port and blocks all IP that tries to make a connection (TCP-SYN) with it ?? The attacker when tries to scan this host using nmap, it makes send a TCP-SYN t o telnet port (not in all cases) , the host can now get the source IP and b locks all connection from that IP. Will this defense concept work ???
- posted
10 years ago