>> And the portsentry alternative to deal with 20+ scans per >day is....? > >Good host-based IDS, updated patches, a hardened server, and >a vigilant >admin. No doubt you are right. However, Portsentry's function isn't only to block IPs. It also alerts a vigilant admin to any number of suspicious activities that go on. Whereas Portsentry was not designed to be nor should be the ONLY deterrent against h4cker5, it can certainly be a valuable time-saver for some of those vigilant admins, who have little time as it is to read through milions of lines of log files every day. (Yes, I exaggerate. But that's really what it feels like.) >> Are you suggesting that running without Portsentry is >better than running >with it? Therefore, I conclude, running Porsentry is better than not running it. _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
