List Archive: gentoo-security
On Fri, 2004-01-09 at 09:33, Mark Hurst wrote:
> This topic is dead as far as I'm concerned, you keep default rejecting,
> I'll keep default dropping, and we'll see if I manage to break the
> Internet by doing so.
I just had to comment on this one. I'm sort of doing both rejecting and
dropping on my main gateway.
My configuration is like this:
* Reject unnecessary packages.
* Drop scanners.
I'm using portsentry and I can really recommend it. It can act as a trap
for scanners because it binds itself to certain manually defined ports
(that scanners usually scan). My setup says that if someone touches a
couple of those ports in a short period of time it drops the connection
to that IP directly and notifies me about it through my cellphone.
This means that the attacker is already dropped before he/she has a
chance to use some exploits of the services I'm running. Of course, if
they're used before the scan takes place, then we have a little problem.
But I guess it takes care of most of them anyway.
Med venlig hilsen / Best regards,
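The trap-port behaviour described in the message above, as an added example that is not part of the original post and is not portsentry's own code: a source that touches a threshold of distinct decoy ports within a short window is dropped, and the replay also shows the caveat that a service reached before any trap is touched still gets through. The port list, threshold, window and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Assumed values for illustration; not taken from the post or from portsentry.
TRAP_PORTS = {1, 111, 1080, 31337}  # decoy ports with no real service behind them
THRESHOLD = 2                       # distinct trap ports that trigger a block
WINDOW = 10.0                       # seconds

def process(events, trap_ports=TRAP_PORTS, threshold=THRESHOLD, window=WINDOW):
    """Replay (timestamp, src_ip, dst_port) events in time order.

    Returns (blocked, reached): blocked maps each source IP to the time it
    was dropped; reached lists the events that got through to real services.
    """
    recent = defaultdict(deque)  # ip -> trap hits still inside the window
    blocked, reached = {}, []
    for ts, ip, port in sorted(events):
        if ip in blocked:
            continue                      # source already dropped
        if port not in trap_ports:
            reached.append((ts, ip, port))
            continue
        hits = recent[ip]
        hits.append((ts, port))
        while ts - hits[0][0] > window:   # forget hits older than the window
            hits.popleft()
        if len({p for _, p in hits}) >= threshold:
            blocked[ip] = ts              # a real setup would also send the alert
            del recent[ip]
    return blocked, reached

# Constructed sample events using documentation address ranges.
SAMPLE_EVENTS = [
    (0.0, "198.51.100.7", 80),    # ordinary traffic to a real service
    (1.0, "203.0.113.9", 111),    # first trap port
    (1.5, "203.0.113.9", 1080),   # second trap port inside the window: blocked
    (2.0, "203.0.113.9", 22),     # dropped, never reaches the service
    (3.0, "192.0.2.44", 22),      # real service touched with no scan first
    (4.0, "192.0.2.44", 31337),   # single trap hit
    (30.0, "192.0.2.44", 1),      # second trap hit, but outside the window
]

if __name__ == "__main__":
    blocked, reached = process(SAMPLE_EVENTS)
    print("blocked:", blocked)
    print("reached real services:", reached)
```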