* Quoting Kristof Goossens ([EMAIL PROTECTED]): > On Thu, May 22, 2003 at 08:46:47PM -0400, Rob French wrote: > > So, are any network/port-related tools useful? > > In my personal opinion it is ALWAYS usefull to know what is going on on your > system. No mather how little ports are open... > > You said it was for your laptop, and thats why you should certainly use > these tools... A laptop travels with the owner and has the specific feature > of being plugged into the internal network most of the time. This is at home > as well as on location...
With these tool, you are adding up more complexity to your setup and might become vulnarable. Remember the latest snort exploit. So the extra "security" layer made your system unsecure. Snort is ok to protect a network, when installed on a separate host. I don't see any use of opening more ports in order to increase security, I never understood portsentries approach. Why not let the TCP-Stack do it's job in RSTing incoming connections, maybe with a little help from netfilter. Netfilter can log incomming connection attempts, too, if you really need to know. YMMV, Rolf