Re: security/portsentry removal
- Reply: Pete Wright : "Re: security/portsentry removal"
- Reply: Mel Pilgrim : "Re: security/portsentry removal"
- In reply to: Mel Pilgrim : "Re: security/portsentry removal"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 08 Apr 2023 07:47:15 UTC
On 4/8/23 04:56, Mel Pilgrim wrote: >> Can anyone suggest something equivalent in the port tree? > > Have a look at fail2ban. It's design intent is monitoring running > services, but really it's just a set of log file regex filters. Anything > that logs network activity can feed it. Hello and thanks for answering. In fact I'm already using fail2ban for "running" services. Portsenty is a bit different, in that it's conceived to listen on ports used by non-running services. I.e. Got a SMTP server? Let fail2ban check its logs. No? Let portsentry listen on port 25. I thought about writing regexes for fail2ban to check if ipfw denied access to ports where portsentry used to listen. So far it's the best idea I've come up with, but I hoped for something simpler (i.e. more close to how portsentry worked). bye & Thanks av.