On Sun, Jul 22, 2001 at 05:24:05PM -0400, Steven W. Orr wrote:
> Ok Loossee. Splain it to me. The part I don't get is: How does portsentry
> see any packets at all if my basic policy is DENY? I.e., the firewall (in
> this case done with ipchains via pmfirewall) soaks up all packets and
> silently discards them. So how does portsentry ever get to think that
> *anything* is ever trying to probe me?
In that scenario, obviously it won't since the packets are dropped
before they can get to portsentry. So why do this? I can remember
making a very 'clever' one line change to my ipchains script that had
the unintended consequence of opening everything < 1024. Portsentry let
me know about it. Safety in numbers.
--
Hal B
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Spamtrap: [EMAIL PROTECTED] and [EMAIL PROTECTED]
--
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
