Am Di, den 07.02.2006 schrieb Troy Engel um 18:10: > I might throw this out -- I also offer RPMs for RHEL4, FC4, and CentOS4 > (i386) of portsentry; look here: > > http://rpmfind.net/linux/rpm2html/search.php?query=portsentry&submit=Search+... > > ...look for 'Falsehope' towards the middle, all my RPMs are tagged with > .te.; I install portsentry on any server that exposes a service through > a firewall (or no firewall at all), and it catches a *lot* of stuff for you. > > Portsentry's ability to catch a portscan right away and block the IP can > help save you in the long run. I have no idea why it's not in the > official upstream sources anymore, it disappeared a couple of versions ago. > > -te portsentry is just a dead software project (since Cisco bought the company where it was developed). Check out for "psad" http://www.cipherdyne.com/psad/ and see the FAQ part http://www.cipherdyne.com/projects/psad/faq.html#diff_portsentry With all these tools: be careful when using on remote-only systems to not lock out yourself by accident or get locked out by an attacker spoofing your own data. Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp Serendipity 19:06:11 up 1 day, 15:34, load average: 0.08, 0.13, 0.06 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Dies ist ein digital signierter Nachrichtenteil URL: <http://lists.centos.org/pipermail/centos/attachments/20060207/ee00dd8d/attachment-0003.sig>