Contributed by jose on from the triple-redundancy dept.
The first is an overview of the TriSentry tools . This covers the tools portsentry (available in ports) and logcheck (also available in ports).
The second is a coverage of SSH basics , another guide for new SSH users. This article introduces what Dru hopes will be a series on SSH for BSD users.
The third is an introduction to the zebra routing daemon (also available in ports). Zebra is a userland tool which handles many types of routing protocols on a UNIX machine.
Each of these are worth looking at for a variety of needs. Enjoy!
(Comments are closed)
By Matt Burke () matt@botchitt.com on mailto:matt@botchitt.com
I've seen kernel fw acl's a mile long because they've been hit by a few distributed portscans... surely for a popular site this can be a prelude to a DoS?
By RC () on
If you've been scanned, so what? If you are running vulnerable software, that's not going to stop anyone (and if you know something is vulnerable, why are you using that software?). If you are secure, then why concern yourself with scans and minor break-in attempts?
Have I missed something?
Comments
By El Volio () on mailto:kylem at xwell dot gro (reverse the TLD)
That said, watching for portscans is probably of virtually no use. Watching for actual attacks is of much greater use. And of course host IDS (properly configured and deployed) is really valuable.