[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Question on SHP

Subject: [cobalt-users] Question on SHP
From: Bob G7 <Bob_G7@xxxxxxxxxx>
Date: Fri Oct 11 05:27:01 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Like a lot of us, I installed the Cobalt SHP package before they pulled it
so I haven't touched it. I see that it is working as I get at least 2 or 3
port scans a day and being notified by email.

eth0:portscan: tcp xx.xx.xx.xx/27374 -> 61.96.29.56/2787 40 rst (30)

My current config for SHP is 'log and block' which it is doing, I think once
it detects the portscan it locks them out for 5 minutes.

The question is, once I'm notified, does SHP add them to a data file in the
event they try to portscan again, there blocked, or do I have to add them to
the GUI manually?

Thanks

Bob G.

Follow-Ups:
- Re: [cobalt-users] Question on SHP
  - From: Rick Ewart

Prev by Date: RE: [cobalt-users] Question RE: Mail Spooling "store-and-forward"
Next by Date: Re: [cobalt-users] RaQ3 Apache Upgrade - Bassi Instructions
Previous by thread: Re: [cobalt-users] RaQ3 Apache Upgrade - Bassi Instructions
Next by thread: Re: [cobalt-users] Question on SHP

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index