| Name : portsentry
| |
| Version : 1.2
| Vendor : (none)
|
| Release : 1.te
| Date : 2005-08-25 20:53:36
|
| Group : Applications/System
| Source RPM : portsentry-1.2-1.te.src.rpm
|
| Size : 0.11 MB
| |
| Packager : (none)
| |
| Summary : Port scan detection and active defense
|
Description :
PortSentry is part of the Abacus Project suite of tools. The Abacus
Project is an initiative to release low-maintenance, generic, and reliable
host based intrusion detection software to the Internet community. More
information can be obtained from http://sf.net/projects/sentrytools.
PortSentry has a number of options to detect port scans, the purpose of this
is to give an admin a heads up that their host is being probed. There are
similar programs that do this already (klaxon, etc.) We have added a little
twist to the whole idea (auto-blocking), plus extensive support for
stealth scan detection.
PortSentry has four \"stealth\" scan detection modes. Method one uses a
pre-defined list of ports to watch over. If someone pokes at them
it activates. The second method is what is called \"inverse\" port binding,
where every port under a range is watched *except* for those that the
system has bound for network daemons when the PortSentry starts or ones that
you\'ve manually excluded. This is a very sensitive way for looking for
port probes, but also the most prone to false alarms.
|
RPM found in directory: /packages/linux-pbone/archive/ftp.falsehope.net/home/tengel/fedora/4/te/i386/RPMS |
