Results 1 to 6 of 6

Thread: Portsentry-1.1

  1. #1

    Portsentry-1.1

    Hey All,
    I had a few questions after compiling and installing Portsentry-1.1 yesterday. I enter the startup line that Ashcrow had posted in his pet into my rc.local file and I reboot the computer. Now, if I understand things correctly, Portsentry should start during bootup. Now, if I type ps -aux this lists all processes that are currently running and who owns them. I dont see Portsentry listed at all. Is there any way I can verify that its starting?
    10Ded

  2. #2

    Re:Portsentry-1.1

    Hey there 10dedfish, what distrobution are you using? It should be running in the background and viewable with ps ax. If it didn't start running there are a few diffrent things it could be, 1.) Your distro uses a diffrent rc startup setup 2.) The script isn't set to be executable 3.) The script isn't starting portsentry as root.

  3. #3

    Re:Portsentry-1.1

    Sorry, should have posted that. :
    Im using RH7.3. I downloaded the Portsentry-1.1. When I installed it, I was logged in under root, and received no errors during compile. I placed the /usr/local/psionic/Portsentry....yada yada into the rclocal file under the rc.d directory. Also, Ashcrow, for the arguments on your PET, you use -tcp for obvious reasons, but you use -sudp for same. Whats the -s for?
    10Ded

  4. #4

    Re:Portsentry-1.1

    [quote author=10Dedfish link=board=5;threadid=5814;start=0#55525 date=1039518778]
    Also, Ashcrow, for the arguments on your PET, you use -tcp for obvious reasons, but you use -sudp for same. Whats the -s for?
    [/quote]

    The s stands for silent or stealth bepending on who you ask. It's harder for the scanner to figure out you are watching but it doesn't give as much informaiton back. The reason I use -sudp is because udp packets are unreliable and error filled as it is.

    Does Red Hat have a rc.local file? Also check your path (in my PET I am using /usr/local/psionic/portsentry and you seem to be using ''/Portsentry).

    Also, try running your rc.local file and see if portsentry starts. If it doesn't then there is probably a path problem, if it does then rc.local isn't being started at boot for some reason on RH 7.3.

    I know Red Hat uses the SysV-like start up so something like this might work better for you (NOTE: This is not tested and probably needs tweaking!) ...

    Code:
    #!/bin/sh
    #
    # Startup script for Portsentry 1.1
    #
    
    # Source function library.
    . /etc/rc.d/init.d/functions
    
    case "$1" in
      start)
    echo "Starting Portsentry: "
    if [ -x /usr/local/psionic/portsentry/portsentry ]; then
                      /usr/local/psionic/portsentry/portsentry -tcp              
                      /usr/local/psionic/portsentry/portsentry -sud
            fi
            echo_success
    echo
            ;;
     
    
      *)
    echo "Usage: %s {start}\n" "$0"
    exit 1
    esac
    
    exit 0

  5. #5
    Senior Member
    Join Date
    May 2001
    Posts
    345

    Re:Portsentry-1.1

    s is for Stealth according to the docs. You don't like the spoof factor on stealth and advanced TCP modes, eh? When I used to run Portsentry I always ran with advanced. Never had a problem, though I am aware of the potential, I mean the docs only mention it what, a dozen times? I also was a lone user with no worries of a DOS attack, after all I didn't provide anyone any services to begin with.

    Hehe, just looked at the PET. Telling people to use a banner like that? Even the portsentry docs recomend against taunting the scanners! Okay, tis all in good fun I understand..

  6. #6

    Re:Portsentry-1.1

    [quote author=vvx link=board=5;threadid=5814;start=0#56000 date=1040002865]
    Hehe, just looked at the PET. Telling people to use a banner like that? Even the portsentry docs recomend against taunting the scanners! Okay, tis all in good fun I understand..
    [/quote]

    If you can't make fun of script kiddies who can you make fun of? ;D

Similar Threads

  1. How to setup portsentry
    By peter in forum Tutorials
    Replies: 0
    Last Post: 11-24-2008, 05:32 AM
  2. IPTables and PortSentry
    By Jeepsta in forum Linux - Software, Applications & Programming
    Replies: 3
    Last Post: 06-10-2002, 04:46 PM
  3. Portsentry admin
    By Bogler in forum Linux - General Topics
    Replies: 2
    Last Post: 05-15-2002, 09:00 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •