Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

honeypots logo Honeypots mailing list archives

PortSentry
From: Bruno MAC Castro <bruno.castro () novabase pt>
Date: Sat, 28 Jun 2003 12:06:37 +0100
Hi all,

I have just installed PortSentry on a test machine. The main goal is to test
and analyse all its IDS features mainly regarding its capacity to detect
malicious traffic and routing features. However, I am having some issues
about its configuration and reaction speed.

I was using its reaction option by running a script when something is not
correct (traffic). The script is updating my iptables and logging modules.

It would be very useful to have "real" configuration PortSentry files, so I
can compare and learn the best optimized options on it. Any interesting link
about the issue would be appreciated.


Best regards,

Bruno

  By Date           By Thread  

Current thread:
  • PortSentry Bruno MAC Castro (Jun 28)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]