From owner-freebsd-security  Wed Apr 25 19:48:29 2001
Delivered-To: freebsd-security@freebsd.org
Received: from silby.com (adam042-060.resnet.wisc.edu [146.151.42.60])
	by hub.freebsd.org (Postfix) with ESMTP id 0B5AD37B623
	for <freebsd-security@FreeBSD.ORG>; Wed, 25 Apr 2001 19:48:23 -0700 (PDT)
	(envelope-from silby@silby.com)
Received: (qmail 8026 invoked by uid 1000); 26 Apr 2001 02:48:22 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 26 Apr 2001 02:48:22 -0000
Date: Wed, 25 Apr 2001 21:48:21 -0500 (CDT)
From: Mike Silbersack <silby@silby.com>
To: David Goddard <goddard@acm.org>
Cc: Domas Mituzas <domas.mituzas@delfi.lt>, <scheidell@fdma.com>,
	<freebsd-security@FreeBSD.ORG>
Subject: Re: Connection attempts (& active ids)
In-Reply-To: <3AE744B2.186E5793@acm.org>
Message-ID: <Pine.BSF.4.31.0104252147260.8017-100000@achilles.silby.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


On Wed, 25 Apr 2001, David Goddard wrote:

> Simply by being sat there listening to port 111, portsentry blocks
> several probably compromised systems a day from talking to my servers.
> Why should I not use it as a part of my security strategy?

Soooooo... if you weren't running portsentry, wouldn't they be talking to
a closed port, and hence leave you alone as well?

Mike "Silby" Silbersack


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message