Portsentry has one main function, to detect portscans from
portscanners.......it will trigger some response when a pattern is matched.
An ipchains script is a specific "filter" , it does not detect patterns as
such, it can however log everything and deny everything if you have it set
to do so.
*********** REPLY SEPARATOR ***********
On 31/01/00 at 0:13 Mike Lewis wrote:
>There's been a lot of talk of on the list lately about Portsentry
>(http://www.psionic.com/abacus/portsentry/). I've been using a modified
>firewall script (http://ipchains.nerdherd.org/) for sometime now. I
decided
>based on all the traffic on the list about Portsentry to investigate it.
>
>Do I understand correctly, that the ipchains script from
>(http://ipchains.nerdherd.org/) does exactly the same thing as Portsentry
>does, except the ipchains script does the redirection/denial "up front"
>where the Portsentry s/w does the redirection/denial "in real time" ?
>
>Is this correct, or have I missed something ? It would seem though the
>Portsentry s/w is more robust than is the ipchains script.
Regards
Greg Wright
IT Consultant Sydney Australia
--
*** Please trim any replies ***
*** Please turn off HTML in your email ***
*** Please don't use the list for test messages ***
*** Why not read the archives? http://moongroup.com/redhat.phtml ***
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
