Difference between revisions of "Portsentry"
From MS Computech
| Line 1: | Line 1: | ||
| − | ===== Portsentry Installation log ===== | + | ===== Portsentry portscan detect&block Installation log mscompute team ===== |
<pre>#apt-get install portsentry</pre><pre>#nano /etc/portsentry/portsentry.conf | <pre>#apt-get install portsentry</pre><pre>#nano /etc/portsentry/portsentry.conf | ||
BLOCK_UDP="1" | BLOCK_UDP="1" | ||
BLOCK_TCP="1"</pre><pre>#cd /etc/init.d/ | BLOCK_TCP="1"</pre><pre>#cd /etc/init.d/ | ||
| − | #nano portsentryscript</pre> | + | #nano portsentryscript |
| − | + | </pre> | |
| − | <pre> | + | <pre>#!/bin/bash |
| − | #!/bin/bash | ||
case "$1" in | case "$1" in | ||
start) | start) | ||
echo "Starting Portsentry..." | echo "Starting Portsentry..." | ||
| − | ps ax | grep -iw '/usr/sbin/portsentry -atcp' | grep -iv 'grep' | + | ps ax | grep -iw '/usr/sbin/portsentry -atcp' | grep -iv 'grep' > /dev/null |
| − | if [ $? != 0 ]; then | + | if [ $? != 0 ]; then |
/usr/sbin/portsentry -atcp | /usr/sbin/portsentry -atcp | ||
fi | fi | ||
| − | ps ax | grep -iw '/usr/sbin/portsentry -audp' | grep -iv 'grep' | + | ps ax | grep -iw '/usr/sbin/portsentry -audp' | grep -iv 'grep' > /dev/null |
| − | if [ $? != 0 ]; then | + | if [ $? != 0 ]; then |
/usr/sbin/portsentry -audp | /usr/sbin/portsentry -audp | ||
fi | fi | ||
echo "Portsentry is now up and running!" | echo "Portsentry is now up and running!" | ||
| − | + | ;; | |
stop) | stop) | ||
echo "Shutting down Portsentry..." | echo "Shutting down Portsentry..." | ||
| Line 34: | Line 33: | ||
done | done | ||
echo "Portsentry stopped!" | echo "Portsentry stopped!" | ||
| − | + | ;; | |
restart) | restart) | ||
| − | $0 stop && sleep 3 | + | $0 stop && sleep 3 |
$0 start | $0 start | ||
| − | + | ;; | |
*) | *) | ||
echo "Usage: $0 {start|stop|restart}" | echo "Usage: $0 {start|stop|restart}" | ||
| Line 45: | Line 44: | ||
exit 0 | exit 0 | ||
| − | < | + | <pre> |
| − | + | #chmod 644 portsentry | |
| − | |||
#chmod 755 portsentryscript | #chmod 755 portsentryscript | ||
#update-rc.d portsentryscript defaults | #update-rc.d portsentryscript defaults | ||
</pre> | </pre> | ||
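Review bot: The running check on the new `ps ax | grep -iw '/usr/sbin/portsentry -atcp' | grep -iv 'grep' > /dev/null` line (and its `-audp` twin) still matches any process whose command line merely contains that string, so an unrelated process can make the script skip the launch while it goes on to print "Portsentry is now up and running!" unconditionally. For a scan detector that means the sensor can be silently absent after boot. I would match the exact command line and check the launch result, e.g. `pgrep -fx -- '/usr/sbin/portsentry -atcp' > /dev/null || /usr/sbin/portsentry -atcp || exit 1`. The added `#chmod 644 portsentry` step does not say which file `portsentry` refers to, and a short comment naming the path would help, since the script created here is `portsentryscript`. The body of the `stop)` branch lies between the hunks and is not shown in this diff.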
Revision as of 16:37, 6 December 2008
Portsentry (port-scan detection and blocking): installation log, mscompute team
#apt-get install portsentry
#nano /etc/portsentry/portsentry.conf
BLOCK_UDP="1"
BLOCK_TCP="1"
#cd /etc/init.d/
#nano portsentryscript
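#!/bin/bash
# Init script for the PortSentry port-scan detector.
# Usage: portsentryscript {start|stop|restart}
#
#   start   - launch one daemon per mode (-atcp, -audp) unless a process with
#             exactly that command line is already running
#   stop    - terminate every process whose command line begins with the
#             daemon path (SIGTERM first, SIGKILL only for leftovers)
#   restart - stop, wait 3 seconds, start
#
# Exit status: 0 on success, 1 on a usage error or when a daemon fails to
# launch, so that a missing detector is visible to whoever runs the script.

readonly DAEMON=/usr/sbin/portsentry

# Start $DAEMON in mode $1 unless it is already running in that mode.
# Returns the daemon's launch status (0 if it was already running).
start_mode() {
  local mode=$1
  # -f matches the full command line and -x requires the whole line to match,
  # so an editor or shell that merely mentions the path is not mistaken for
  # the daemon (a plain `ps | grep` would accept it and skip the launch).
  if pgrep -fx -- "$DAEMON $mode" > /dev/null; then
    return 0
  fi
  "$DAEMON" "$mode"
}

# Start the TCP and UDP detectors; report success only if both launched.
start_all() {
  local mode
  echo "Starting Portsentry..."
  for mode in -atcp -audp; do
    if ! start_mode "$mode"; then
      echo "Portsentry failed to start in mode $mode" >&2
      return 1
    fi
  done
  echo "Portsentry is now up and running!"
}

# Stop every running portsentry daemon.
stop_all() {
  local -a pids=()
  local tries=0
  echo "Shutting down Portsentry..."
  # Anchor the pattern at the start of the command line: only processes that
  # were executed as "$DAEMON <args>" are signalled, never a process that just
  # has the path somewhere in its arguments.
  mapfile -t pids < <(pgrep -f -- "^$DAEMON ")
  if (( ${#pids[@]} > 0 )); then
    # Ask politely first so the daemon can shut down cleanly.
    kill -TERM "${pids[@]}" 2> /dev/null
    while (( tries < 5 )) && pgrep -f -- "^$DAEMON " > /dev/null; do
      sleep 1
      tries=$(( tries + 1 ))
    done
    # Force-kill only what ignored SIGTERM; the PID list is re-read so that
    # a PID reused by another program in the meantime is not hit.
    mapfile -t pids < <(pgrep -f -- "^$DAEMON ")
    if (( ${#pids[@]} > 0 )); then
      kill -KILL "${pids[@]}" 2> /dev/null
    fi
  fi
  echo "Portsentry stopped!"
}

case "$1" in
  start)
    start_all || exit 1
    ;;
  stop)
    stop_all
    ;;
  restart)
    # Functions are called directly instead of re-executing "$0", which
    # would depend on how the script was invoked.
    stop_all && sleep 3
    start_all || exit 1
    ;;
  *)
    echo "Usage: $0 {start|stop|restart}" >&2
    exit 1
    ;;
esac
exit 0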
Set the file permissions and register the init script:
#chmod 644 portsentry
#chmod 755 portsentryscript
#update-rc.d portsentryscript defaults