22 May
2003
22 May
'03
17:53
On Thu, 2003-05-22 at 11:06, Bruce Marshall wrote:
portsentry was a port checker... not a log checker... (but you probably know that.) In today's IPTABLEs world, I no longer use portsentry... Don't feel the need for it. But logcheck... use it on every machine.
Oh crap. That's right. portsentry was of no use since I was blocking most everything, and those packets never reached the user layer. What I was thinking of was "psad." (http://www.cipherdyne.com/psad/) I had just been thinking that, because of the "ps" in the front, that it was part of the (p)ort(s)entry package. I see that psad is also not in the 8.2 distro. Is there a workalike replacement for that, or am I going to have to get it from source? Thanks and regards, dk