On 25.07.2002 0:47 Uhr thou speakest, Crawford Rainwater these words: [..cut portsentry descr..]
Hi! well, this is the way portsentry works: it "opens" the ports to the outside, but is the only daemon behind listening to the ports. And if something "naughty" (in portsentry's opinion) is going on it reacts with the options you defined (usually block the ip-adress, add it to hosts.deny, add into ipchains, delete the other's user-account, post in his name to alt.binaries.adults.with.sadomaso.fetish....oh, no, this is the bastard operators way ;-))) . What I realized is: .) 'till now it is safe to leave it that way but .) those kiddies scan your computer and think that these ports _are_ indeed open, so you have more attack-tries, which results in longer log-files and longer ip-chains. So my decision was to turn portsentry off and -voila- I had much smaller logfiles and less 'attacks', only the standard port 80, port 21 (though I haven't a ftp-daemon behind....). It's up to you, what you'll do. As far as I could realize, portsentry is 'till now no additional problem. But who knows? regards zelko -- *nix isn't user-unfriendly. It's just specific about it's friends. So if you want it as a friend: be specific. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
