From owner-freebsd-security Wed Apr 25 20: 3:16 2001 Delivered-To: freebsd-security@freebsd.org Received: from caerulus.cerintha.com (caerulus.cerintha.com [207.18.92.26]) by hub.freebsd.org (Postfix) with ESMTP id DB3B837B423 for ; Wed, 25 Apr 2001 20:03:12 -0700 (PDT) (envelope-from scheidell@Cerintha.com) Received: (from scheidell@localhost) by caerulus.cerintha.com (8.11.3/8.11.3) id f3Q33CK49974; Wed, 25 Apr 2001 23:03:12 -0400 (EDT) Message-Id: <200104260303.f3Q33CK49974@caerulus.cerintha.com> Subject: Re: Connection attempts (& active ids) In-Reply-To: "from Mike Silbersack at Apr 25, 2001 09:48:21 pm" To: freebsd-security@freebsd.org Date: Wed, 25 Apr 2001 23:03:11 -0400 (EDT) From: Michael Scheidell Reply-To: Michael Scheidell X-Loop: scheidell@fdma.com X-Mailer: ELM [version 2.4ME+ PL77 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > On Wed, 25 Apr 2001, David Goddard wrote: > > > Simply by being sat there listening to port 111, portsentry blocks > > several probably compromised systems a day from talking to my servers. > > Why should I not use it as a part of my security strategy? > > Soooooo... if you weren't running portsentry, wouldn't they be talking to > a closed port, and hence leave you alone as well? Sooooooo... if I lock all my doors and windows, and they don't get it, I should be happy, right? The problem is, if I don't keep an eye on what is going on, I don't know they are trying. If I don't know they are trying, they WILL get in. read about the $50,000 hacker chalange? Guess what With enough incentive, they will get in. locked doors and windows are not enough anymore. We need alarms and armed guards. I sure wish I could send a 240vt spike down the link on each and every one. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message