portsentry-1.1-fr4 RPM for i386

From Freshrpms for Red Hat 7.1 / portsentry

PortSentry is part of the Abacus Project suite of tools. The Abacus
Project is an initiative to release low-maintenance, generic, and reliable
host based intrusion detection software to the Internet community. More
information can be obtained from http://www.psionic.com.

PortSentry has a number of options to detect port scans, the purpose of this
is to give an admin a heads up that their host is being probed. There are
similar programs that do this already (klaxon, etc.) We have added a little
twist to the whole idea (auto-blocking), plus extensive support for
stealth scan detection.

PortSentry has four "stealth" scan detection modes. Method one uses a
pre-defined list of ports to watch over. If someone pokes at them
it activates. The second method is what is called "inverse" port binding,
where every port under a range is watched *except* for those that the
system has bound for network daemons when the PortSentry starts or ones that
you've manually excluded. This is a very sensitive way for looking for
port probes, but also the most prone to false alarms.

Provides

• portsentry

Requires

• /bin/sh
• /bin/sh
• /bin/sh
• ld-linux.so.2
• libc.so.6
• /bin/bash

Copyright

Freely distributable

Signatures

internal MD5: 3dcc9d202ab04fe811ac11406893dcc0

GPG

Changelog

* Wed Oct 17 2001 Matthias Saou <matthias.saou@est.une.marmotte.net>
  - Fixed the emailing example KILL_RUN_CMD I had added.
* Tue Sep 18 2001 Matthias Saou <matthias.saou@est.une.marmotte.net>
  - Fixed the init script to update correctly the ignore file on non
    english systems.
* Sat Aug 18 2001 Matthias Saou <matthias.saou@est.une.marmotte.net>
  - Added UDP port 123 to the advanced exclude, since ntp queries were
    getting the ntp server blocked!
* Fri Aug 03 2001 Matthias Saou <matthias.saou@est.une.marmotte.net>
  - Update to 1.1.
  - Spec file cleanup, merged both patches to the new version.
  - New updated initscript, now excludes default gateways and nameservers.
  - Added a cron entry to flush added iptables/ipchains entries.
* Thu Nov 09 2000 Matthias Saou <matthias.saou@est.une.marmotte.net>
  - added some exclude tcp & udp ports in "a" modes
  - changed the default mode to "atcp" & "audp" with a portsentry.modes
    file
* Tue Sep 05 2000 Tim Powers <timp@redhat.com>
  - fixed initscript so that it doesn't overwrite the portsentry.ignore file,
    just appends to it (in a roundabout way)
  - patched default behavior of config file *not* to automagically start
    blocking tcp and udp
  - the above were tested by Henri J. Schlereth" <henris@bga.com>, and don't
    forget he reported the problem to me too :)
* Thu Aug 10 2000 Tim Powers <timp@redhat.com>
  - fixed the initscript so that it actually starts both or all modes of
    scanning
  - noreplace for config files
* Thu Aug 10 2000 Tim Powers <timp@redhat.com>
  - fixed perms on /var/portsentry
  - added initscript with many suggestions from Henri J. Schlereth
    <henris@bga.com>, it's real nice :)
  - added post, preun and postun sections since we now have an initscript
* Wed Aug 09 2000 Tim Powers <timp@redhat.com>
  - FHSified the package. Was putting stuff in the horrible location of
    /usr/psionic, which is not FHS compliant. Fixed.
* Mon Jul 24 2000 Prospector <prospector@redhat.com>
  - rebuilt
* Mon Jul 10 2000 Tim Powers <timp@redhat.com>
  - rebuilt
* Mon Jul 03 2000 Prospector <bugzilla@redhat.com>
  - automatic rebuild
* Thu May 18 2000 Tim Powers <timp@redhat.com>
  - update to 1.0
* Tue Nov 23 1999 Tim Powers <timp@redhat.com>
  - updated to 0.99.1
* Tue Jul 20 1999 Tim Powers <timp@redhat.com>
  - yet another name change and version update to 0.98
  - made neccessary changes to everything so it would build
* Wed May 05 1999 Bill Nottingham <notting@redhat.com>
  - build for powertools-6.0, rename to portsentry
* Fri Oct 02 1998 Michael Maher <minke@redhat.com>
  - built package

Files

àkÎ	

Generated by rpm2html 1.8.1

Daniel Veillard, Tue Oct 14 05:05:42 2008