| Portsentry is a small, easy-to-configure program that acts as a strong deterrent against crackers. A full list of Portsentry’s functions may be found at http://www.psionic.com/abacus/portsentry/. Essentially, Portsentry listens to your server’s various ports, and if the ports are scanned — usually the first action of a cracker — the machine that that scanned the ports is locked out by the Portsentry program. This action will not even allow the cracker’s computer to even see your server any more. Follow these instructions to get Portsentry installed on your server: cd /usr/local/src
wget http://www.psionic.com/tools/portsentry-1.0.tar.gz
gunzip portsentry-1.0.tar.gz
tar –xf portsentry-1.0.tar
cd portsentry-1.0
pico –w portsentry.conf The last command is not necessary, but it does allow you to configure how Portsentry will do its job. I just used the default settings, so you needn’t alter this file at all. Consult the “README.install” file in this same directory for more information about your options. To continue: make linux
make install The first command makes the program work for your system, and the latter installs that program. To start the program, type: cd /usr/local/psionic/portsentry
portsentry –tcp
portsentry -udp Now your system’s ports are being guarded against any unwanted scanning. To make Portsentry automatically start with a system reboot, you need to add the following two lines at the end of your /etc/rc.d/rc.local: /usr/local/psionic/portsentry/portsentry –tcp
/usr/local/psionic/portsentry/portsentry –udp |