[CentOS] I appear to be attacking others

Tue Feb 7 18:10:49 UTC 2006
Alexander Dalloz <ad+lists at uni-x.org>

Am Di, den 07.02.2006 schrieb Troy Engel um 18:10:

> I might throw this out -- I also offer RPMs for RHEL4, FC4, and CentOS4
> (i386) of portsentry; look here:
> 
> http://rpmfind.net/linux/rpm2html/search.php?query=portsentry&submit=Search+...
> 
> ...look for 'Falsehope' towards the middle, all my RPMs are tagged with
> .te.; I install portsentry on any server that exposes a service through
> a firewall (or no firewall at all), and it catches a *lot* of stuff for you.
> 
> Portsentry's ability to catch a portscan right away and block the IP can
> help save you in the long run. I have no idea why it's not in the
> official upstream sources anymore, it disappeared a couple of versions ago.
> 
> -te

portsentry is just a dead software project (since Cisco bought the
company where it was developed). Check out for "psad"

http://www.cipherdyne.com/psad/

and see the FAQ part

http://www.cipherdyne.com/projects/psad/faq.html#diff_portsentry

With all these tools: be careful when using on remote-only systems to
not lock out yourself by accident or get locked out by an attacker
spoofing your own data.

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp 
Serendipity 19:06:11 up 1 day, 15:34, load average: 0.08, 0.13, 0.06 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://lists.centos.org/pipermail/centos/attachments/20060207/ee00dd8d/attachment-0005.sig>