summaryrefslogtreecommitdiff
path: root/security/portsentry
diff options
context:
space:
mode:
authorjmmv <jmmv@pkgsrc.org>2003-05-06 17:40:18 +0000
committerjmmv <jmmv@pkgsrc.org>2003-05-06 17:40:18 +0000
commitf1446ddf2bf8118f432b3ac74c88db3d832669a8 (patch)
tree37ae7d212f46ef8018a7bd8c13edba7da1a47ed9 /security/portsentry
parent37170ce899bdf394cca1d0769b2215d84b15a7ee (diff)
downloadpkgsrc-f1446ddf2bf8118f432b3ac74c88db3d832669a8.tar.gz
Drop trailing whitespace. Ok'ed by wiz.
Diffstat (limited to 'security/portsentry')
-rw-r--r--security/portsentry/DESCR12
1 files changed, 6 insertions, 6 deletions
diff --git a/security/portsentry/DESCR b/security/portsentry/DESCR
index 26d99009009..a64fba11c2c 100644
--- a/security/portsentry/DESCR
+++ b/security/portsentry/DESCR
@@ -1,22 +1,22 @@
PortSentry is designed to detect and respond to port scans against a
-target host in real-time. Some of the more useful features include:
+target host in real-time. Some of the more useful features include:
+ Runs on TCP and UDP sockets to detect port scans against your
system. PortSentry is configurable to run on multiple sockets at the
same time so you only need to start one copy to cover dozens of
-tripwired services.
+tripwired services.
+ PortSentry will react to a port scan attempt by blocking the host in
real-time. This is done through configured options of either dropping
the local route back to the attacker, using the Linux ipfwadm/ipchains
command, *BSD ipfw command, and/or dropping the attacker host IP into
-a TCP Wrappers hosts.deny file automatically.
+a TCP Wrappers hosts.deny file automatically.
+ PortSentry has an internal state engine to remember hosts that
connected previously. This allows the setting of a trigger value to
-prevent false alarms and detect "random" port probing.
+prevent false alarms and detect "random" port probing.
+ PortSentry will report all violations to the local or remote syslog
daemons indicating the system name, time of attack, attacking host IP
and the TCP or UDP port a connection attempt was made to. When used
in conjunction with Logcheck it will provide an alert to
-administrators through e-mail.
+administrators through e-mail.
+ Once a scan is detected your system will turn into a blackhole and
-disappear from the attacker. This feature stops most attacks cold.
+disappear from the attacker. This feature stops most attacks cold.