Page last updated:
2001 Dec 30 16:58

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Re: [vox-tech] Running PortSentry

  • Subject: Re: [vox-tech] Running PortSentry
  • From: Jessica <cat@ansible.MAPSorg>
  • Date: Sat, 21 Oct 2000 20:45:29 -0700
  • References: Pine.GSO.4.21.0010211607510.12780-100000@sandman.ucdavis.edu

On Sat, 21 Oct 2000, Mark Kim wrote:

> Since Peter had great reviews of PortSentry, I'm running it now.  Except
> I'm not sure what mode to run portsentry in.  So anyone familiar with
> PortSentry -- what modes do you run PortSentry in?

I've not used portsentry extensively, but from what I've seen, the mode
that makes the most sense is the "Advanced Stealth Scan Detection" mode.

This mode analyzes the raw socket rather than binding to the
socket (in essence opening the port, which is how classic mode
works and is one of the main gripes I had with portsentry when I
tried it) and monitors all ports not already in use, so you don't have to
try to guess which ports the attackers are going to hit.

OTOH, if you only want to watch a few specific ports, Enhanced Stealth
Scan Detection mode would probably work equally well.

Classic mode seems awkward for several reasons which I can go into if you
want, and I can't see any particular reason to use it.
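
Added example (not part of the original post, and not PortSentry code): a loopback-only Python sketch of the point above about binding, showing that a bound listener makes a previously closed port complete TCP connections. The function names are hypothetical, and the port is whatever free port the kernel hands out.

```python
import socket

def port_accepts_connections(port, host="127.0.0.1", timeout=1.0):
    """Return True if a TCP connect to host:port completes (port looks open)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as probe:
        probe.settimeout(timeout)
        if probe.connect_ex((host, port)) != 0:
            return False  # refused or timed out: nothing is listening
        # Rule out a TCP self-connect, where the probe's own ephemeral
        # source port happens to equal the destination port.
        return probe.getsockname() != probe.getpeername()

def pick_unused_port(host="127.0.0.1"):
    """Ask the kernel for a free port, then release it so nothing listens."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((host, 0))
        return s.getsockname()[1]

def compare_bound_vs_unbound(host="127.0.0.1"):
    """Probe one port before, during and after a listener is bound to it."""
    port = pick_unused_port(host)
    before = port_accepts_connections(port, host)

    # Bind-and-listen, as a monitor that binds to its watched ports would.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    listener.bind((host, port))
    listener.listen(5)
    try:
        # The kernel completes the handshake even though accept() is
        # never called, so the port now reports as open to any client.
        while_bound = port_accepts_connections(port, host)
    finally:
        listener.close()

    after = port_accepts_connections(port, host)
    return {"before": before, "while_bound": while_bound, "after": after}

if __name__ == "__main__":
    print(compare_bound_vs_unbound())
```

A monitor that reads a raw socket never binds the watched port, so the port would keep refusing connections as in the "before" and "after" states; that half needs root and is not reproduced here.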

