Monday, January 30, 2006


Last night I found Portsentry that will notice port scans and will block future accesses from those hosts.  I followed these instructions to install Portsentry 1.2, and it went very well.  The only problems that I had was I had to remove an extra newline in portsentry.c when the compile failed, and the sample init script has an extra '<' character in it.

After I installed it, I wanted to test this out to make sure that it was working, so from my home machine, I ran nmap against it.  This recognized the port scan, and blocked it with iptables.  I knew that if I restarted iptables, the rule would be wiped out.  But when I tried that, I still couldn't ssh into the machine.  It took me a while, but I realized that Portsentry added an entry to hosts.deny.  Once I removed that entry, everything worked fine again.

Technorati Tags: , ,

No comments:

Post a Comment

Unlocking Raspberry Pi Potential: Navigating Network Booting Challenges for Enhanced Performance and Reliability

I've set up several Raspberry Pis around our house for various projects, but one recurring challenge is the potential for SD card failur...