This may be a stupid question to which the obvious answer is right in
front of me yet I am not seeing it....
Is there any reason in particular why PortSentry and an IPChains
firewall would not work together?
I ask this because ever since I implemented my IPChains firewall
PortSentry no longer logs scans and since does not add the offender to the
ipchains rules. I am pretty certain that part of the reason is due to the
default rule being DENY and then just allowing certain
hosts/packets/etc...
I guess what I really am asking is: Is there a way to have the best of
both worlds? I like the security of the default rule being DENY, but I
also really liked the way PortSentry handled scans as far as the logging
and the addition of their IP to the rules, thus specifically denying
anything from that IP.
I apologize in advance for the lack of information on my part regarding
exactly what rule sets I have implemented, how PortSentry is setup on my
end, etc...
Thanks!
Niko
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
