[Gllug] Intrusion detection rates
Bruce Richardson
itsbruce at uklinux.net
Fri May 27 14:02:13 UTC 2005
On Fri, May 27, 2005 at 10:50:19AM +0100, Ian wrote:
> I don't use Ipcop but have got Portsentry installed on the gateway
> (spam/virus filtering) mailserver. For interest, one days worth of scans is
> listed below. The hosts.deny file is quite big now...
>
> We are on Easynet and generally speaking an awful lot of bad traffic does
> come off the BT network.
>
> The only time I worry is if Portsentry denies access to a wanted connection.
> But moving the IP from hosts.deny to hosts.allow sorts it.
Portsentry has a mixed (and mostly poor) reputation as a security tool.
http://www.linux.ie/articles/portsentryandsnortcompared.php
--
Bruce
Bitterly it mathinketh me, that I spent mine wholle lyf in the lists
against the ignorant. -- Roger Bacon, "Doctor Mirabilis"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20050527/cef96cd3/attachment.pgp>
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list