BSD Today: Deploying Portsentry; What to do before the kiddies come calling | Linux Today

BSD Today: Deploying Portsentry; What to do before the kiddies come calling

Written By
Web Webster
Web Webster
Jul 21, 2000

[ Thanks to Jeremy C.
Reed
for this link. ]

“I figured I didn’t need a security policy when I set up my
first web server some years back. … And then it dawned on me that
by simply scanning subnets your average script kiddie didn’t need
to know what my site was all about at all. He or she could just
scan en masse for open ports and an easy way in and then plant a
root kit for laughs or turn my machine into a spam forwarding
station. I got a copy of SATAN and ran it against my own site. I
was astonished. Every port, that could be, was open and
identifiable to anyone on the internet. (There were these problems
with my logs, too, but that is another story.)”

“…I built the best firewall I could with a Pentium 90 and the
zero knowledge I had at the time and bit my lip. Some time after
that I got introduced to a splendid little program called
Portsentry that did precisely what I needed — it let
me know immediately when someone probed my perimeter wire. As an
added benefit, it could make the port being probed just vanish from
the intruder’s sight.”

“Portsentry actually does a lot more than that. It will
log the offender’s IP address and can insert that address into the
/etc/hosts.deny file. It can be configured to simply drop the
offender into a black hole in real time, or run a retaliation
script (highly not recommended). For folks that have no provision
for the high dollar security services and those really expensive
black boxes that a lot of companies sell — this program used with
its companion program, Logcheck, are a pretty good deal. When
coupled with a good firewall running a packet filter like IPF, it
is a pretty hard combination to beat. These items can remove most
of the threat from the subnet booty bandit, or the generic script
kiddie (if you’re into the whole genteel approach to
name-calling).”

Complete
Story

Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.