入侵偵測
此套件可以將嘗試入侵者的IP紀錄到LOG檔,
也可以搭配iptables來阻擋此IP。
1. 從http://www.er.klined.net/source/net 下載 portsentry-2.0b1.tar.gz
2. 請將 portsentry-2.0b1.tar.gz 解壓縮
3. cd portsentry-2.0b1
4. 修改 portsentry_config.h 如下
修改前 : #define CONFIG_FILE "/usr/local/psionic/portsentry2/portsentry.conf"
修改後 : #define CONFIG_FILE "/etc/portsentry/portsentry.conf"
5. make linux
6. cp portsentry /sbin
7. mkdir /etc/portsentry
8. cp portsentry.conf /etc/portsentry
9. touch /etc/portsentry/portsentry.blocked
10. touch /etc/portsentry/portsentry.history
11. touch /etc/portsentry/portsentry.ignore
|