[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] PortSentry 2.0b1 Beta released
- Subject: RE: [cobalt-security] PortSentry 2.0b1 Beta released
- From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 10 Apr 2002 07:28:49 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Wed, 10 Apr 2002, Graeme Fowler wrote:
>
> Well, a cursory glance at the ChangeLog for this version shows that the most
> important change of all is that the "Classic", or binding, mode has been
> removed. That should get rid (I say should... but!) of all the "Help! I
> scanned my system and I've got X Y and Z trojans on my system" messages we
> see here on a reasonably regular basis.
>
> Apart from that, it appears to be cleaner (code-wise), uses normal BPF
> filtering if necessary, is aware of ECN (if you've come across this you'll
> know what it means), everything is in the config file, yadda yadda yadda.
>
> Other than that, it's still PortSentry. All it does is watches defined ports
> on your machine and react if necessary in whatever way you define. Does it
> need to do anything else???
I use to use portsentry but have given up on it. For one thing it keeps
a bunch of ports open that I don't use anyway, so it's kind of like entrapment
you catch people trying to access ports on the machine that are not in use
anyway.
--
Gerald Waugh
http://www.frontstreetnetworks.com
Front Street Networks LLC - 203-785-0699
229 Front Street, Ste. #C, New Haven CT, 06513-3203