search for: portsentrys

Displaying 20 results from an estimated 29 matches for "portsentrys".

Did you mean: portsentry
2005 Sep 15
3
Portsentry
I'm running CentOS 4 with Blue Quartz on a white box, and having problems with installing Portsentry vi the .tar.gz route. Various errors, etc. Anyone here know of a source, like an RPM or something, for Portsentry for CentOS? ... or a similar app? thnx, Manny
2003 Jul 16
6
HOWTO: Temporary dynamic blocking with Shorewall and Portsentry
Hi, all: This is just a note and suggestion, not a question; but I really like this system and thought it might be useful to others so I decided to share. Hope it helps someone, and comments or suggestions are always welcome. 1. Overview: Shorewall accepts traffic on ports that I consider "hostile" (i.e. ports on which I would NEVER expect to see connections) and redirects
2003 Jul 18
0
portsentry and shorewall
I installed portsentry and am using it with shorewall. I followed the HOWTO posted here, and I have it working together, I have gotten about 4 emails saying such IP is blocked for 5 days. However, in the /etc/portsentry dir, the only files in there are: portsentry.conf portsentry.ignore portsentry.temp.block There are no files that should be there like: portsentry.history portsentry.block -
2005 Aug 26
0
portsentry and proftpd RPMs available
Just dropping a note, I've built CentOS4 friendly RPMs (as well as RHEL4 and FC4) of two of my favourite tools, PortSentry and ProFTPd: ftp://ftp.pbone.net/mirror/ftp.falsehope.net/home/tengel/portsentry/CentOS4/ ftp://ftp.pbone.net/mirror/ftp.falsehope.net/home/tengel/proftpd/CentOS4/ PortSentry is built using the last known (RedHat 9 based) SPEC/patches from FreshRPMS, updated to apply
2005 Apr 28
2
portsentry+shorewall
Hello, i use shorewall for a very long time (2 years or so) and i use it for nat and as firewall....i now use portsentrys to detect portscans but there is one problem...i use the HOWTO from the shorewall mailing list to make portsentry and shorewall work together....but there is one prob portscans get detected and a drop rule is added to shorewall for example shorewall drop 62.178.xxx.xx the shorewall entry...
2005 Sep 16
0
Portsentry cause IPTable Reloads
I'm having some trouble with portsentry on CentOS. I've installed it and configured it to ignore my network. However, every 20 minutes, it reloads my iptables and basically kills any SSH sessions, etc. Any suggestions? Thanks, Todd -------------- next part -------------- An HTML attachment was scrubbed... URL:
2006 Mar 20
6
[OT maybe] netcafe firewall
Hi all, I appologise in advance if this is a little OT, but I am building a box that will serve as firewall and router for a small ''internet cafe / netcafe'' and am using CentOS... So here it is: What are the best tools to be used for keeping the potential script kiddies from ''harming the Internet'' :) ? I specifically want to be able to detect and prevent
2007 Mar 13
4
Centos-specific Denyhosts Howto Anyone?
Hi, after reading the docs (no man page) and seeing a few example howtos, I see none for Centos specifically. I hereby offer to write this and even host it, and any other wiki-able howto you want, if you can school me on the first few steps relevant to how to link up the current rpmforge rpm for RHEL4-64. See, right now, the one for centos loads into the /usr/share/doc, which is an odd place
2005 Jan 31
3
auto-blacklist
I have been getting a lot of dictionary attacks against my server and want to automatically add the IP address of the offender when their failed SSH login attempts are equal to five or more. I was just going to write a dumb BASH script to do this unless there is a more intelligent way? Eric
2010 Feb 03
0
cannot mount NFS share, portmap problems, what todo? [SOLVED]
On Wed, Feb 3, 2010 at 2:40 PM, Geoff Galitz <geoff at galitz.org> wrote: > > > > Should it be running, or not? > > > > > > >root at mercury:[~]$ netstat -ap --inet | grep rpc > > >tcp 0 0 *:sunrpc *:* > LISTEN 6458/portsentry > > >udp 0 0 localhost:filenet-rpc localhost:filenet-rpc
2007 Jan 01
2
Error Help Needed
Hello everyone, I need a little help finding an issue one of my machines. I have 4 setup all the same way and just this one gives the errors. Here are the errors from Logwatch; ?################### LogWatch 5.2.2 (06/23/04) #################### ?--------------------- Arpwatch Begin ------------------------ Argument "4444'service' option expects either the name of a
2003 Nov 21
7
FORWARD:REJECT
I have a 3 nic setup with shorewall 1.4.8-1 running on redhat 9. My eth2 (dmz zone)has 7 secondary address attached to it. I can ping a machine in each subnet, dmz to net rules seem to be working fine on all machines.. I have my policy set as dmz to dmz accept. If I try to ping between subnets I get Nov 21 12:18:45 kbeewall kernel: Shorewall:FORWARD:REJECT:IN=eth2 OUT=eth2 SRC=172.17.0.2
2004 Nov 22
3
how do I configure shorewall to block people port scanning ?
as subject
2000 Apr 27
3
samba and firewalls
I have a little home network with one Windows 98 PC and a pc running linux. My idea is that as soon as DSL is finally made available to my area (which I keep getting told will be real soon now) I want to route it through the linux box and up to the Windows PC, using IP masquerading, etc. At present I have samba enabled on the unix box which opens up several worthwhile conveniences to me:
2009 Jun 21
6
Program to ban sniffers
So I have been reading the ssh attack thread and finally want to ask about something. I doubt there is a program like this, but I would love to have a program that listens at common ports that I do not use at all...and only allow that program to listen to it, especially the usual ssh port (using a different one for real ssh)... That program would then, upon receiving a 'sniff' or
2004 Sep 18
8
Attacks on ssh port
Hi, Is there a security problem with ssh that I've missed??? Ik keep getting these hords of: Failed password for root from 69.242.5.195 port 39239 ssh2 with all kinds of different source addresses. They have a shot or 15 and then they are of again, but a little later on they're back and keep clogging my logs. Is there a "easy" way of getting these ip-numbers added to
2006 Apr 25
2
firewall based antivirus/trojan blocking and intrusion detection [dnk]
Can anyone recommend an opensource package (preferably something centos 4X compatible) that can be used on a (iptables) firewall to block virus/trojan, etc? And maybe something for intrusion detection? Thanks! Dnk
2005 Sep 15
0
Hostsentry RPM?
On that Portsentry subject, anybody ran across an updated hostsentry rpm? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20050915/f5133636/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3022 bytes
2003 Mar 30
2
Bindshell rootkit
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ok...did some checking. I forgot to mention that I killed dead syslogd. Not just a -HUP but an actual kill and restarted. I did this several times. I was trying to get something else to work. Anyway, I killed it again this morning and restarted. The infect message went away immediately. Could this have been the problem? -
2005 Jan 10
3
REDIRECT + shorewall drop for dynamic blacklists
Hi, I have seen this come up in a couple of threads, but nothing recent. I was wondering a couple of things and was hoping someone could clarify. I have an existing working shorewall configuration (Details at end of post). >From within this config, I have a few ports redirected for use with portsentry (like the mini-howto directs forbidden port accesses to port 49999). This works