Le Wed, Nov 22, 2000 at 10:15:44PM +0200,
Chris Williamson ([EMAIL PROTECTED])
a �crit:
> Hi All
>
> I have Red Hat 7 with ipchains, logcheck and portsentry.
>
> I have installed portsentry as an rpm (portsentry-1.0-4.i386.rpm), everything seems
>to be preconfigured for me but I am not sure if it is working, can anyone tell me if
>there is any configuration that needs to be done on this for basic functionality.
>
vi /usr/local/psionic/portsentry/portsentry.conf
���8<---
######################
# Configuration Files#
######################
#
# Hosts to ignore
IGNORE_FILE="/usr/local/psionic/portsentry/portsentry.ignore"
# Hosts that have been denied (running history)
HISTORY_FILE="/usr/local/psionic/portsentry/portsentry.history"
# Hosts that have been denied this session only (temporary until next restart)
BLOCKED_FILE="/usr/local/psionic/portsentry/portsentry.blocked"
���8<---
# Generic Linux
#KILL_ROUTE="/sbin/route add -host $TARGET$ gw 333.444.555.666"
# Newer versions of Linux support the reject flag now. This
# is cleaner than the above option.
#KILL_ROUTE="/sbin/route add -host $TARGET$ reject"
���8<---
i'd try this and remove it before flushing my syslogd. It was a nitemare to
understand this.
> I have tried port scanning my Linux box from a Micro$oft box using ws_ping propack
>but the portsentry does not pick this up, maybe this is not a great scanner.
try ippl witch log what you want ... and a big /var, I mind that could be so a
denial of service to make a little /var or let it go in a '/' (personnal
experience ;)
gilles.
--
Aucune femme ne se marie pour l'argent :
elles sont toutes assez intelligentes pour
tomber amoureuses d'un millionnaire avant de l'�pouser.
Cesare Pavese
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
