[Gllug] hacked !
Bruce Richardson
itsbruce at uklinux.net
Fri Nov 30 00:14:50 UTC 2001
On Thu, Nov 29, 2001 at 02:07:03PM +0000, will wrote:
> >
> > Snort. If anybody suggests portsentry to you, hit them.
>
>
> Why...
It's a very stupid app and just begging to be used to DOS any machine
using it. Portscans often have spoofed source addresses so a snooper
may cause innocent to block innocent hosts even if that wasn't their
intention. See the nmap man page for a not-very-thinly-veiled attack on
portsentry by Fyodor.
Here also is a useful article on the subject.
http://www.linux.ie/articles/portsentryandsnortcompared.php
--
Bruce
Remember you're a Womble.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 261 bytes
Desc: not available
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20011130/08cca26f/attachment.pgp>
More information about the GLLUG
mailing list