[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: Portsentry vs ipchains firewalling
- From: "Greg W" <redhat_list mail com>
- To: redhat-list redhat com
- Subject: Re: Portsentry vs ipchains firewalling
- Date: Mon, 31 Jan 2000 21:25:03 +1100
Portsentry has one main function, to detect portscans from
portscanners.......it will trigger some response when a pattern is matched.
An ipchains script is a specific "filter" , it does not detect patterns as
such, it can however log everything and deny everything if you have it set
to do so.
*********** REPLY SEPARATOR ***********
On 31/01/00 at 0:13 Mike Lewis wrote:
>There's been a lot of talk of on the list lately about Portsentry
>(http://www.psionic.com/abacus/portsentry/). I've been using a modified
>firewall script (http://ipchains.nerdherd.org/) for sometime now. I
decided
>based on all the traffic on the list about Portsentry to investigate it.
>
>Do I understand correctly, that the ipchains script from
>(http://ipchains.nerdherd.org/) does exactly the same thing as Portsentry
>does, except the ipchains script does the redirection/denial "up front"
>where the Portsentry s/w does the redirection/denial "in real time" ?
>
>Is this correct, or have I missed something ? It would seem though the
>Portsentry s/w is more robust than is the ipchains script.
Regards
Greg Wright
IT Consultant Sydney Australia
--
*** Please trim any replies ***
*** Please turn off HTML in your email ***
*** Please don't use the list for test messages ***
*** Why not read the archives? http://moongroup.com/redhat.phtml ***
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]