The FreeBSD Diary |
(TM) | Providing practical examples since 1998
PortSentry - a port watcher
1 January 2000
PortSentry is a program which watches connections on your ports and sends you warning messages if someone scans them. It's good for most port scans but not all. This is from /usr/ports/security/portsentry/pkg/DESCR:

    PortSentry is part of the Abacus Project suite of security tools. It is a program designed to detect and respond to port scans against a target host in real-time. There are other port scan detectors that perform similar detection of scans, but PortSentry has some unique features that may make it worth looking into

    WWW: http://www.psionic.com/abacus/portsentry/

Disclosure: I'm the port maintainer for PortSentry.
Installing
Remember, I have the entire ports tree. So it was easy.

    cd /usr/ports/security/portsentry
    make
    make install
Configuring
Sorry, but I've lost my notes for this install. The rest of this article is from memory. The first thing is to fetch everything:

You should read /work/portsentry-1.0/README.install. The important steps are:

As time goes on, you might want to add things to /usr/local/etc/portsentry.ignore but use caution.
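One way to act on that caution, as an added example (not from the original article or the PortSentry project): a shell function that audits an ignore file for malformed, duplicate or overly wide entries before it is installed. The file format (one IPv4 address per line, optional /bits, # comments), the /24 threshold and the name audit_ignore are assumptions.

```sh
#!/bin/sh
# Added example: audit a PortSentry ignore list (hosts PortSentry leaves alone).
# Assumed format, not taken from the article: one IPv4 address per line,
# optionally with /prefix-bits; '#' starts a comment.
# audit_ignore FILE [MIN_BITS]: prints findings, returns non-zero if any.
audit_ignore() {
    file=$1; min_bits=${2:-24}   # prefixes shorter than MIN_BITS are flagged
    findings=0; n=0; seen=" "
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        entry=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -z "$entry" ] && continue
        addr=${entry%%/*}; bits=32
        case $entry in */*) bits=${entry#*/} ;; esac
        ok=1
        printf '%s\n' "$addr" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || ok=0
        printf '%s\n' "$bits" | grep -Eq '^[0-9]{1,2}$' || ok=0
        if [ "$ok" -eq 1 ]; then
            [ "$bits" -le 32 ] || ok=0
            for octet in $(printf '%s' "$addr" | tr '.' ' '); do
                [ "$octet" -le 255 ] || ok=0
            done
        fi
        if [ "$ok" -eq 0 ]; then
            echo "line $n: malformed entry: $entry"
            findings=$((findings + 1)); continue
        fi
        case $seen in *" $addr/$bits "*)
            echo "line $n: duplicate entry: $entry"
            findings=$((findings + 1)); continue ;;
        esac
        seen="$seen$addr/$bits "
        if [ "$bits" -lt "$min_bits" ]; then
            echo "line $n: /$bits ignores a whole network: $entry"
            findings=$((findings + 1))
        fi
    done < "$file"
    [ "$findings" -eq 0 ]
}

# Constructed sample input, for illustration only.
sample=$(mktemp)
printf '%s\n' '127.0.0.1' '192.0.2.10  # admin host' '198.51.100.0/16' \
    '192.0.2.10' '10.1.2.300' > "$sample"
audit_ignore "$sample" || echo "review the flagged entries before installing"
rm -f "$sample"
```

Run it against a candidate file before copying it over /usr/local/etc/portsentry.ignore; a second argument changes the narrowest prefix length that is accepted without comment.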
Running
Again, see work/portsentry-1.0/README.install, especially "STEP 5". I tried running portsentry this way:

    portsentry -tcp
    portsentry -udp