[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SV: [cobalt-security] [RaQ3] Port Sentry

Subject: SV: [cobalt-security] [RaQ3] Port Sentry
From: "Kai Schantz, Euroweb" <kai@xxxxxxxxxx>
Date: Fri, 8 Jun 2001 01:11:32 +0200
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi,

Is there anyway to reopen a IP banned by portsentry?

Kai



>And here is the main reason I dislike portsentry: now your friend, who
>thought his portscan was doing you a favor, can no longer access your
server
>(or at least some of its resources). Portsentry can't tell the difference
>between a malicious attack or a goofball's mistake. Its zero-tolerance for
>system administrators.
>
>For a lot of hackers, portsentry makes very little difference - they can
>always come at your open services from another IP. There are other ways
>beyond a port scan to find out what services are running on your machine
>(your web site, network solutions database, email headers, etc).
>
>So, when using portsentry, what you end up with is a bunch of banned IPs
>from possibly innocent users, and a bunch of hackers that you really
haven't
>stopped, at least not for long.

And the portsentry alternative to deal with 20+ scans per day is....?
Are you suggesting that running without Portsentry is better than running
with it?


Tony
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security

Follow-Ups:
- RE: [cobalt-security] [RaQ3] Port Sentry
  - From: Sean Chester

References:
- RE: [cobalt-security] [RaQ3] Port Sentry
  - From: Tony

Prev by Date: RE: [cobalt-security] [RaQ3] Port Sentry
Next by Date: RE: [cobalt-security] cgiwrap users
Previous by thread: RE: [cobalt-security] [RaQ3] Port Sentry
Next by thread: RE: [cobalt-security] [RaQ3] Port Sentry

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index