[Gllug] Intrusion detection rates

Bruce Richardson itsbruce at uklinux.net
Fri May 27 14:02:13 UTC 2005


On Fri, May 27, 2005 at 10:50:19AM +0100, Ian wrote:
> I don't use Ipcop but have got Portsentry installed on the gateway
> (spam/virus filtering) mailserver. For interest, one days worth of scans is
> listed below. The hosts.deny file is quite big now...
> 
> We are on Easynet and generally speaking an awful lot of bad traffic does
> come off the BT network.
> 
> The only time I worry is if Portsentry denies access to a wanted connection.
> But moving the IP from hosts.deny to hosts.allow sorts it.

Portsentry has a mixed (and mostly poor) reputation as a security tool.

http://www.linux.ie/articles/portsentryandsnortcompared.php

-- 
Bruce

Bitterly it mathinketh me, that I spent mine wholle lyf in the lists
against the ignorant.  -- Roger Bacon, "Doctor Mirabilis"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20050527/cef96cd3/attachment.pgp>
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list