[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Port Sentry

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2 Jun 2001, John Hasler wrote:
>
> > It is trivial to spoof the source address of a portscan, allowing one to
> > cause your machine to block access from your nameservers or your clients
> > or other important sites.
>
> While certainly no panacea, portsentry isn't that stupid.  The authors
> thought about this and provided for it.
>

agreed.  portsentry isn't perfect (what is?).  but the authors have taken
great pains to allow for certain types of breaks.  i've been using it for
a while now.  combined with logcheck and hostsentry, it's a pretty good
system.  at a minimum, at least i know what's happening on my system.

- -- 
 ____) ,_)        ,_)
(-(__  |_  _  _ |/
 ____) | |(_)(_ |\
(                 \_,
 _______________________________________________
| mailto : shock@exitwound.org                  |
| linux  : http://exitwound.org                 |
| mozart : http://mozart.sourceforge.net        |
| buck   : http://www.BuckOwensFan.com          |
 _______________________________________________
| The day advanced as if to light some work of  |
| mine; it was morning, and lo! now it is       |
| evening, and nothing memorable is             |
| accomplished. -- H.D. Thoreau                 |
 _______________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7GUgtr9c0KwefYXMRAs+xAJ48VIYSCmgZk9brdsTA8B0kzi/sBQCeMh9G
0loZrUBVPJqZEtCB5Vwi+20=
=9oGB
-----END PGP SIGNATURE-----
Reply to: