Joseph wrote:
>
> Dear Mark,
>
> Thanks for your reply.
>
> I didn't know I had Portsentry in my system!!!! Any ideas how to
> configure it would be welcome. Could I leave Guarddog as is and run Port
> Sentry? Do they both work on ipchains?
>
> Regards
>
> Joseph
>
I don't see why that would be a problem as long Guard Dog is inactive.
Neither program runs off ipchains, but rather runs apart from and in
concert with ipchains. I guess the easiest way to state that is they
both run at the same time and compliment one another, but work totally
seperate from each other.
Configuring Portsentry is a snap. I'll send you a copy of my
portsentry.conf file for you to look at and use as an example to work
from. If you like you can set yours to work much in the same way, or
configure your system as your needs dictate.
As far as setting PS up to run just open /etc/portsentry.conf in a text
editor such as kedit, or even better VI and uncomment the lines that you
wish for PS to use as it's operating rules.
Navigate to /etc/rc.d and open rc.local in an editor. At the bottom of
the file add these two lines to the file:
/usr/sbin/portsentry -atcp
/usr/sbin/portsentry -audp
Then save and close the file. This will see to it that PS gets started
every time the system starts. And believe me...PS works real well. If
you're telneting into your machine from somewhere from another network
and you haven't added that IP address to the hosts.allow file PS will
detect the connection attempt and block the connection attempt, and add
that IP address to the hosts.deny file. You won't get in.
When you see my portsentry.conf file you'll see how easy it is to
configure PS to get it running.
--
Mark
"If you don't share your concepts and ideals, they end up being
worthless,"
"Sharing is what makes them powerful."
