That's what I do--just reject all packets from the suspect box. That way, I don't
have to worry about it too much. There's also the capability to run an external
script. The Debian version of portsentry
has a big disclaimer about how this is not recommended, since it is destructive. and
just plain wrong. Let your conscience be your guide, heh heh.
Cory Petkovsek wrote:
> Portsentry should be default configured to just drop packets. This will produce the
>same affect as redirecting to a non existent IP. Yet, you don't have to worry about
>that IP being used in the future.
>
--
Michael J. Smith [EMAIL PROTECTED]
2250 Patterson #25 Eugene, OR 97405
(541)346-7562
- [EUG-LUG:252] portsentry Rob Hudson
- [EUG-LUG:253] Re: portsentry Cory Petkovsek
- [EUG-LUG:255] Re: portsentry Michael Smith
- [EUG-LUG:255] Re: portsentry Cory Petkovsek
