[EMAIL PROTECTED] wrote:
> I have a few questions about portsentry on Eigersteinbeta2. The firewall
> runs on an old 486DX266 with 16MB of RAM and works beautifully (all fans
> disabled BTW):
>
> 1) Currently when I boot the LRP box the psentry process(es) should init
> last but usually don't run. I always get a "no more processes at this
> runlevel" message. Usually this happens before either psentry process
> starts, sometimes one does get to run. I always have to remember to boot,
> then once its up do a "/etc/init.d/psentry restart:
>
svi psentry start
> 2) When I do a port scan for example from www.vulnerabilities.org, my logs
> fill up with deny's that eventually overflow my ramdisk. Here's what the
> /var/psentry/history log shows:
>
> "995052400 - 07/13/2001 13:26:40 Host: www.vulnerabilities.org/199.78.61.254
> Port: 1524 TCP Blocked"
>
> The issue appears to be that psentry didn't block the scanner until port
> 1524 was tried. I have selected the anal port config in portsentry.conf.
> These are:
psentry is in series with the firewall - but not ahead of it. If the firewall
throws the packets in the bitbucket and logs, psentry never saw those packets.
Psentry is good for high ports that the firewall does not DENY.
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-user
