Portsentry is a small, easy-to-configure program that acts as a strong deterrent against crackers. A full list of Portsentrys functions may be found at http://www.psionic.com/abacus/portsentry/. Essentially, Portsentry listens to your servers various ports, and if the ports are scanned usually the first action of a cracker the machine that that scanned the ports is locked out by the Portsentry program. This action will not even allow the crackers computer to even see your server any more. Follow these instructions to get Portsentry installed on your server: cd /usr/local/src wget http://www.psionic.com/tools/portsentry-1.0.tar.gz gunzip portsentry-1.0.tar.gz tar xf portsentry-1.0.tar cd portsentry-1.0 pico w portsentry.conf The last command is not necessary, but it does allow you to configure how Portsentry will do its job. I just used the default settings, so you neednt alter this file at all. Consult the README.install file in this same directory for more information about your options. To continue: make linux make install The first command makes the program work for your system, and the latter installs that program. To start the program, type: cd /usr/local/psionic/portsentry portsentry tcp portsentry -udp Now your systems ports are being guarded against any unwanted scanning. To make Portsentry automatically start with a system reboot, you need to add the following two lines at the end of your /etc/rc.d/rc.local: /usr/local/psionic/portsentry/portsentry tcp /usr/local/psionic/portsentry/portsentry udp |