Matthias Hentges <[EMAIL PROTECTED]> writes:

[snip]
>> I've just explained over on comp.os.linux.security why portsentry is a
>> lousy idea, but to summarize:
>>
>> a) "dynamic" means nothing when the packets shouldn't have permeated to
>> user-space at all;
>>
>> b) risk of auto-DoS if someone spoofs a given set of valuable IP#s;
>>
>> c) having to have no firewall, or extra holes in a firewall, in order to
>> detect a finite set of events seems daft when you could just be blocking
>> them already by default.
>
> ACK
> But portsentry may still be a good thing to have if for some reason the
> firewall gets flushed. I know, this should never happen, but it can.

cron(8) is also your friend for this and other reasons. It's also a better
use of memory-space than to have a daemon lurking never used in case of
firewall failure.

Then again... Swings and roundabouts, I guess.

[snip]

~Tim
-- 
<http://spodzone.org.uk/>
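
The cron(8) approach mentioned in the reply above, sketched as an added example that is not part of the original message: a periodic job that checks whether the packet filter has been flushed and reloads a saved ruleset. The script name, install path, rules file location and the default-deny INPUT policy are assumptions.

```sh
#!/bin/sh
# fw-watchdog.sh: added example, not from the thread.
# Assumed cron entry (hypothetical install path):
#   */5 * * * * root /usr/local/sbin/fw-watchdog.sh --enforce
# Assumptions: the host runs a default-deny INPUT policy, and the known-good
# ruleset was saved with iptables-save to RULES_FILE.
RULES_FILE="${RULES_FILE:-/etc/iptables/rules.v4}"

# Reads `iptables -S` output on stdin.
# Exit 0 = ruleset looks flushed (INPUT policy is not DROP, or no rules left).
# Exit 1 = ruleset looks intact.
ruleset_flushed() {
    awk '
        $1 == "-P" && $2 == "INPUT" { policy = $3 }
        $1 == "-A"                  { rules++ }
        END { if (policy == "DROP" && rules > 0) exit 1; exit 0 }
    '
}

# Constructed samples of `iptables -S` output, for an offline self-check.
SAMPLE_INTACT='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'
SAMPLE_FLUSHED='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT'

selftest() {
    printf '%s\n' "$SAMPLE_FLUSHED" | ruleset_flushed || return 1
    if printf '%s\n' "$SAMPLE_INTACT" | ruleset_flushed; then return 1; fi
    return 0
}

case "${1:-}" in
    --selftest) selftest && echo "selftest ok" ;;
    --enforce)
        if iptables -S | ruleset_flushed; then
            logger -p auth.warning -t fw-watchdog \
                "ruleset missing, restoring from $RULES_FILE"
            iptables-restore < "$RULES_FILE"
        fi ;;
esac
```

Between cron runs the host is still exposed for up to one interval, and a ruleset that keeps an ACCEPT policy with a final DROP rule would need a different check.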