On Fri, 7 Dec 2001 05:54:55 -0600 Richard Feaver <[EMAIL PROTECTED]> wrote:
> Is there any way i can configure Portsentry to ignore Netbios > scans. Just configure it to not watch port 135. > Also if these type of people are looking for weak Netbios shares > then they are obviously after windows boxes and not a threat > therefore banning these lamers seems inappropriate. Whether or not PortSentry is a useful tool or merely an after-the-fact comfort piece is a common argument. It is easy to argue that PortSentry actually has little to no effect in increasing a site's security model. Its also easy to argue that it can offer non-tangible benefits in providing hurdles to crude discovery attempts and thus potentially dissuade subsequent script-kiddie probes. YMMV. -- J C Lawrence ---------(*) Satan, oscillate my metallic sonatas. [EMAIL PROTECTED] He lived as a devil, eh? http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live.
