This rule is essentially useless against nmap scans. The nmap tool allows for scanning of ports, but it checks first if there is an ICMP response, and if there isn't one, it will not proceed to scan the server unless it is explicitly asked to do so (Use -PN flag)So in essence this ICMP rule can not be used against malicious discoveries of the servers ports because once ICMP is innefective against NMAP it will the proceed to find out about the server.Is there a different RULE that we can apply t
↧
