Portsentry
Portsentry port-scan detection and blocking: installation log (mscompute team)
#apt-get install portsentry
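#nano /etc/portsentry/portsentry.conf
BLOCK_UDP="1"
BLOCK_TCP="1"
Note: with blocking enabled, a scan that appears to come from a forged source address (easy with UDP) can get a legitimate host blocked, so add the addresses that must never be blocked to Portsentry's ignore list before enabling it.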
#cd /etc/init.d/
#nano portsentryscript
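#!/bin/bash
# Control script for the Portsentry port-scan detector.
#
# Usage:   portsentryscript {start|stop|restart}
# Exits 0 on success; 1 on a usage error or when a Portsentry
# instance could not be launched.

readonly DAEMON=/usr/sbin/portsentry

# Succeeds when a process whose command line begins with "$DAEMON $1" exists.
# $1 - mode flag (-atcp or -audp); an empty value matches any mode.
# The pattern is anchored so unrelated processes that merely mention the
# daemon path (an editor, a tail on a log) are never matched.
is_running() {
  pgrep -f -- "^${DAEMON} $1" > /dev/null
}

# Launches Portsentry in the given mode unless it is already running.
# $1 - mode flag. Returns the launch command's exit status.
start_mode() {
  local mode=$1
  if is_running "$mode"; then
    return 0
  fi
  "$DAEMON" "$mode"
}

case "$1" in
  start)
    echo "Starting Portsentry..."
    failed=0
    for mode in -atcp -audp; do
      if ! start_mode "$mode"; then
        echo "Portsentry failed to start in mode ${mode}" >&2
        failed=1
      fi
    done
    # Do not claim the detector is running when a launch failed: a silent
    # failure here leaves the host without scan detection.
    if [ "$failed" -ne 0 ]; then
      exit 1
    fi
    echo "Portsentry is now up and running!"
    ;;
  stop)
    echo "Shutting down Portsentry..."
    if is_running ""; then
      # Ask politely first so the daemon can shut down cleanly.
      pkill -TERM -f -- "^${DAEMON} "
      for _ in 1 2 3 4 5; do
        is_running "" || break
        sleep 1
      done
      # Force-kill only what ignored SIGTERM.
      if is_running ""; then
        pkill -KILL -f -- "^${DAEMON} "
      fi
    fi
    echo "Portsentry stopped!"
    ;;
  restart)
    "$0" stop && sleep 3
    "$0" start || exit 1
    ;;
  *)
    echo "Usage: $0 {start|stop|restart}"
    exit 1
    ;;
esac
exit 0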
#chmod 644 portsentry
#chmod 755 portsentryscript
#update-rc.d portsentryscript defaults