Honeypots mailing list archives
PortSentry
From: Bruno MAC Castro <bruno.castro () novabase pt>
Date: Sat, 28 Jun 2003 12:06:37 +0100
Hi all, I have just installed PortSentry on a test machine. The main goal is to test and analyse all its IDS features mainly regarding its capacity to detect malicious traffic and routing features. However, I am having some issues about its configuration and reaction speed. I was using its reaction option by running a script when something is not correct (traffic). The script is updating my iptables and logging modules. It would be very useful to have "real" configuration PortSentry files, so I can compare and learn the best optimized options on it. Any interesting link about the issue would be appreciated. Best regards, Bruno
Current thread:
- PortSentry Bruno MAC Castro (Jun 28)