On Wed, 10 Apr 2002, Graeme Fowler wrote: > > Well, a cursory glance at the ChangeLog for this version shows that the most > important change of all is that the "Classic", or binding, mode has been > removed. That should get rid (I say should... but!) of all the "Help! I > scanned my system and I've got X Y and Z trojans on my system" messages we > see here on a reasonably regular basis. > > Apart from that, it appears to be cleaner (code-wise), uses normal BPF > filtering if necessary, is aware of ECN (if you've come across this you'll > know what it means), everything is in the config file, yadda yadda yadda. > > Other than that, it's still PortSentry. All it does is watches defined ports > on your machine and react if necessary in whatever way you define. Does it > need to do anything else???
I use to use portsentry but have given up on it. For one thing it keeps a bunch of ports open that I don't use anyway, so it's kind of like entrapment you catch people trying to access ports on the machine that are not in use anyway. -- Gerald Waugh http://www.frontstreetnetworks.com Front Street Networks LLC - 203-785-0699 229 Front Street, Ste. #C, New Haven CT, 06513-3203 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
