Re: [lug-nuts] Portsentry question

From: Michael Long (mlong@ns.net)
Date: Tue Jan 25 2000 - 10:26:04 PST


My feeling is this... If I scan your network and see that you have port 25
(sendmail) running I can start attacking your sendmail port. If you have
portsentry running and I set it off, you effectively "black hole" the IP
address I'm coming from so I can't even "see" the ports you do have open.
It's just an added annoyance for the attacker. :)

Michael

On Tue, 25 Jan 2000, Marc Matteo wrote:

> I'm a little unclear one the use/need of Portsentry.
>
> In my case, I have most if not all the ports blocked to my home network.
> Generally if you're not running internet services this should be a standard
> IP Chains setup, no?
>
> Anyway, if you have all your ports blocked via IP Chains what's the benefit
> of having Portsentry block them again?
>
> Marc
> --
> Marc Matteo
> Online Technology Leader
> http://www.sacbee.com
>
>

****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe lug-nuts"
* in the message body to majordomo@saclug.org. Please direct other
* questions, comments, or problems to lug-nuts-owner@saclug.org.



This archive was generated by hypermail 2b29 : Fri Feb 25 2000 - 14:29:11 PST