[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] PortSentry 2.0b1 Beta released

Subject: Re: [cobalt-security] PortSentry 2.0b1 Beta released
From: "Kevin D" <kdlists@xxxxxxxxxxxxxxx>
Date: Thu, 11 Apr 2002 17:12:00 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> > Gerald, you can specify exactly which ports you want it to listen to.
By
> > allowing it to bind to ports that you don't use and would probably
otherwise
> > block with IPCHAINS, iptables, etc. is that hopefully you'll catch a
hacker
> > doing a port scan before they get to one of your active ports running
real
> > services and automatically drop their traffic in your firewall.

And then when the hacker does a decoy scan you get hundreds of innocent ips
blocked from your server. And hey, if the hacker discovers what you're
doing, he can just send more decoys until your server is pretty much shut
down to the outside world, until the rules get flushed in 2-3 days.

If you're really lucky, one of the decoys he uses will be the one you
connect from to admin the server :)

Kevin

Follow-Ups:
- Re: [cobalt-security] PortSentry 2.0b1 Beta released
  - From: Chris Burton
- Re: [cobalt-security] PortSentry 2.0b1 Beta released
  - From: Gerald Waugh
- Re: [cobalt-security] PortSentry 2.0b1 Beta released
  - From: Steve Werby
- Re: [cobalt-security] PortSentry 2.0b1 Beta released
  - From: Mike Vanecek

References:
- Re: [cobalt-security] PortSentry 2.0b1 Beta released
  - From: Steve Werby
- Re: [cobalt-security] PortSentry 2.0b1 Beta released
  - From: Gerald Waugh

Prev by Date: Re: [cobalt-security] OS 'version' WRT security patches?
Next by Date: Re: [cobalt-security] PortSentry 2.0b1 Beta released
Previous by thread: Re: [cobalt-security] PortSentry 2.0b1 Beta released
Next by thread: Re: [cobalt-security] PortSentry 2.0b1 Beta released

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index