[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] PortSentry Installation question

Subject: Re: [cobalt-users] PortSentry Installation question
From: josh <josh@xxxxxxxxxx>
Date: Sun Mar 4 01:53:00 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Feh, portsentry is a micky mousey laughable system for practical
IDS. Snort puts is right to shame <http://www.snort.org>. Even better yet,
since it analyses packets in promiscios mode, you could set up a dedicated
machine just for IDS, and just create a SPAN port if your network is
switched.


On Tue, 27 Feb 2001 elmer@xxxxxxxxxxxxxx wrote:

> On Tue, 27 Feb 2001, Nick Ciantro wrote:
> 
> } currently I am having someone install port sentry on my raq 4r.  However he
> } messaged me with the following question:
> 
> 	Find someone that knows what they're doing...
> 
> 	Better yet, install it yourself.
> 
> 	While the author does recomend their use, neither ipchains
> or ipfwadm are required to run portsentry. Worse yet, perhaps, many
> seasoned system admins that run very tight ships will tell you not
> to run portsentry in this manner. If you feel you absolutely must
> dump the route then, you guessed it, route will do the job more
> than well enough to get you in really big trouble if you get too
> carried away with your choice of ports :-)
> 
> 
> 
> 
> 
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>

References:
- Re: [cobalt-users] PortSentry Installation question
  - From: elmer

Prev by Date: [cobalt-users] continue
Next by Date: [cobalt-users] test
Previous by thread: Re: [cobalt-users] PortSentry Installation question
Next by thread: [cobalt-users] host.deny addition

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index