Monday, January 30, 2006


Last night I found Portsentry that will notice port scans and will block future accesses from those hosts.  I followed these instructions to install Portsentry 1.2, and it went very well.  The only problems that I had was I had to remove an extra newline in portsentry.c when the compile failed, and the sample init script has an extra '<' character in it.

After I installed it, I wanted to test this out to make sure that it was working, so from my home machine, I ran nmap against it.  This recognized the port scan, and blocked it with iptables.  I knew that if I restarted iptables, the rule would be wiped out.  But when I tried that, I still couldn't ssh into the machine.  It took me a while, but I realized that Portsentry added an entry to hosts.deny.  Once I removed that entry, everything worked fine again.

Technorati Tags: , ,

No comments:

Post a Comment

Revolutionizing Air Quality Monitoring: How I Upgraded Our System with Mila Integration for Smart Home Automation

In this blog post , I explained how I set up an air quality monitoring system for our neighborhood. With this setup, we can keep an eye on t...