[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] [RaQ3] Portsentry - Can someone see where I'm going wrong :<

Subject: [cobalt-security] [RaQ3] Portsentry - Can someone see where I'm going wrong :<
From: "Render-Vue" <sales@xxxxxxxxxxxxxx>
Date: Thu, 20 Sep 2001 00:34:56 +1200
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Yah,

Just tried installing portsentry onto a Raq3 (thought I'd be brave after
installing logcheck successfully)...see process below. I've followed the
install manual to best of my ability (still a windows man) - searched the
archives (only one similar post) and the thing still won't fire up. I've
even tried installing under the make generic but still no joy. Can someone
see where I'm going wrong or offer any suggestions.

I thought I'd play safe and go for the basic -tcp & -udp modes, with packet
filtering - wasn't sure which one to choose ipfwadm or ipchains and do I
need these installed or are they already on the Cobalts??? (chose
KILL_ROUTE="/sbin/ipchains -I input -s $TARGET$ -j DENY -l" in
portsentry.conf)

Many thanks in advance & regards from Auckland

Chae


> cd /home/sites/home/portsentry-1.1
> make linux
SYSTYPE=linux
Making
cc -O -Wall -DLINUX -DSUPPORT_STEALTH -o ./portsentry ./portsentry.c \
	./portsentry_io.c ./portsentry_util.c
> make install
Creating psionic directory /usr/local/psionic
Setting directory permissions
Creating portsentry directory /usr/local/psionic/portsentry
Setting directory permissions
chmod 700 /usr/local/psionic/portsentry
Copying files
cp ./portsentry.conf /usr/local/psionic/portsentry
cp ./portsentry.ignore /usr/local/psionic/portsentry
cp ./portsentry /usr/local/psionic/portsentry
Setting permissions
chmod 600 /usr/local/psionic/portsentry/portsentry.ignore
chmod 600 /usr/local/psionic/portsentry/portsentry.conf
chmod 700 /usr/local/psionic/portsentry/portsentry


Edit /usr/local/psionic/portsentry/portsentry.conf and change
your settings if you haven't already. (route, etc)


WARNING: This version and above now use a new
directory structure for storing the program
and config files (/usr/local/psionic/portsentry).
Please make sure you delete the old files when
the testing of this install is complete.


> cd /usr/local/psionic/portsentry
> portsentry -udp
sh: portsentry: command not found
> portsentry -tcp
sh: portsentry: command not found
-----------------------------------------------------------
In the portsentry folder there are 3 files...
portsentry
portsentry.conf
portsentry.ignore

so the files are there, but it just won't run - aaahhhh :>

Follow-Ups:
- Re: [cobalt-security] [RaQ3] Portsentry - Can someone see where I'm going wrong :<
  - From: Kevin D
- RE: [cobalt-security] [RaQ3] Portsentry - Can someone see where I'm going wrong :<
  - From: Chris Burton

Prev by Date: [cobalt-security] bindshell INFECTED PORTS 1524 31337
Next by Date: SV: [cobalt-security] NIMBA VIRUS
Previous by thread: RE: [cobalt-security] bindshell INFECTED PORTS 1524 31337
Next by thread: Re: [cobalt-security] [RaQ3] Portsentry - Can someone see where I'm going wrong :<

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index