Quick question...
What's the best way to start portsentry on reboot?
Many thanks,
phillip.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
Hello Everyone,
I have up and running freebsd 4.8-R
recently i installed portsentry from my updated ports,
I configured portsentry.conf to add the blocked IPs to ipfw.
also I added all my allowed IPs to portsentry.ignore
when I ssh to the box It works fine, but when I surf the web
hi all
i'm configuring portsentry and i wanted to set the value of the KILL_RUN_CMD option to
reverse finger a scanning host. can somebody tell me what the correct syntax this
would be in this file?
thanks
msg12345/pgp0.pgp
Description: PGP signature
Hi,
On Wed, 2003-01-29 at 19:03, Phillip Smith wrote:
> Quick question...
>
> What's the best way to start portsentry on reboot?
>
> Many thanks,
>
You can write a simple start-up script that does that for you. Here's
what I have in /usr/local/etc/rc.d:
#!/bin/sh
Hi Phillip.
On Wed, Jan 29, 2003 at 02:03:03PM -0500, Phillip Smith wrote:
>
> What's the best way to start portsentry on reboot?
There doesn't seem to be one build by the port, so I wrote a
/usr/local/etc/rc.d/portsentry.sh that looks someting like this:
#!/bin/sh
ca
Wednesday, January 29, 2003, 2:03:03 PM, you wrote:
PS> Quick question...
PS> What's the best way to start portsentry on reboot?
PS> Many thanks,
PS> phillip.
I use a script in /usr/local/etc/rc.d
--
Benmailto:[EMAIL PROTECTED]
To Unsubscr
FreeBSD 4.8 - stable
can somebody tell me how to get portsentry to flush the hosts.deny file? or
do I just need to remove the contents manually and restart portsentry?
thanks in advance,
- Noah
___
[EMAIL PROTECTED] mailing list
http
On Mon, Sep 29, 2003 at 08:10:22AM -0800, Noah wrote:
>
> FreeBSD 4.8 - stable
>
>
> can somebody tell me how to get portsentry to flush the hosts.deny file? or
> do I just need to remove the contents manually and restart portsentry?
You don't need to do that for two re
Hello,
Is anyone noticing an issue when portsentry is started on 5.2.1-p8 it
atempts to bind to a tcp or udp port the first one listed in the
portsentry.conf file and immediately core dumps with a signal 4? I have
tried this on two machines with identical results.
Suggestions welcome.
Thanks
, but they're long, and suffice it to say ports i thought were
closed or inactive were shown as open.
after discussing it with the -security listserv, and running a 'sockstat' on the
gateway box, it turns out that portsentry was indeed listening on the great majority
of ports tha
> and udp ports were open. i could copy the nmap results, but they're
> long, and suffice it to say ports i thought were closed or inactive
> were shown as open.
>
> after discussing it with the -security listserv, and running a
> 'sockstat' on the gateway box, it tu
hi
i've used portsentry on standalone workstations before with ipfilter setup as a
+firewall, and for some reason, now when i'm trying to use it on a ipf/ipnat
+gateway box, it's being really verbose about the ports it's binding to. if i
+nmap a standalone workstation i have
> hi
> i've used portsentry on standalone workstations before with ipfilter
> setup as a +firewall, and for some reason, now when i'm trying to use it
> on a ipf/ipnat +gateway box, it's being really verbose about the ports
> it's binding to. if i +nmap a stand
On Tue, 11 Feb 2003 23:05:09 -0600
Redmond Militante <[EMAIL PROTECTED]> wrote:
> hi
> i've used portsentry on standalone workstations before with ipfilter setup as a
> +firewall, and for some reason, now when i'm trying to use it on a ipf/ipnat
> +gateway box, it'
hi
thanks again.
i think i'm going to move portsentry to hosts behind the gateway - makes more sense
considering the info you sent, and then look into snort/tripwire on the gateway (i
actually have tripwire installed, i just haven't generated a new config db lately,
since i'
On Wed, 2003-02-12 at 05:55, Stephen Hilton wrote:
> What bothers me about this method of defense is the possibilty
> of an attacker causing a DOS by spoofing their source scan IP
> and causing your system to deny traffic from a vaild host like
> your upstream DNS server.
You can add your DNS
16 matches
Mail list logo
