About portsentry you could googling. I will share my knowladge about portsentry installation.
1. Please update your ubuntu server.
Login as root with sudo su and using apt-get update -y
2. Installing portsentry.
#apt-get install portsentry
3. Edit portsentry configuration file
# gedit /etc/portsentry/portsentry.conf
Change
BLOCK_UDP=”0″ <—-1
BLOCK_TCP=”0″ <—–1
So like this
BLOCK_UDP=”1″
BLOCK_TCP=”1″
next, looking for row
#KILL_ROUTE=”/sbin/route add -host $TARGET$ gw 333.444.555.666″
and remove # and change 333.444.555.666 with reject
so like this
KILL_ROUTE=”/sbin/route add -host $TARGET$ reject”
4. restart your portsentry
# /etc/init.d/portsentry start

For examination you can use nmap application from client to your sever was installed portsentry. Look at your log with #tail -f /var/log/syslog

pleasea don’t forget look at your  /etc/hosts.denny. This file is place ip address was blocked because scanner activity.

Look at /var/lib/portsentry/portsentry.history . thsi file is was note a history ip address was was blocked because scanner activity.

 

Advertisements