Hi Jim, > >>> I did a save >>> config and modules, rebooted and tried another 'ShieldsUp' scan. All >>> that happened is that I got the usual lot of entries in the shorewall >>> log showing the scan. >>> >> >> So they never reach portsentry ;) Or did you open specific ports in >> shorewall? >> > Interesting - so are you saying that Portsentry only sees anything that > iptables (as set-up by Shorewall) lets through? If so, I'm not sure I can > see the point of portsentry when iptables does all the work beforehand. > If you don't open external ports in shorewall, the traffic will not pass the interface. But if you open access to specific ports from the outside, like ssh, www, ftp... you can use portsentry to look for portscans and the like and block a specific port when under attack.
But I'm no portsentry specialist, I hope someone else on the list can tell something more about it. > Jim > Eric ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/