Find the answer to your Linux question:
Results 1 to 3 of 3
Hi all. I'm trying to configure port sentry so that one someone port scans me. It runs zenmap and runs a scan against them.so far I have made these changes ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jul 2011
    Posts
    1

    using portsentry to run zenmap against attacker on detected portscan


    Hi all.
    I'm trying to configure port sentry so that one someone port scans me. It runs zenmap and runs a scan against them.so far I have made these changes to the config file.
    set it to run a command when it detects a scan.
    Code:
    # 0 = Do not block UDP/TCP scans.
    # 1 = Block UDP/TCP scans.
    # 2 = Run external command only (KILL_RUN_CMD)
    
    BLOCK_UDP="2"
    BLOCK_TCP="2"
    and set the command to run zenmap
    Code:
    KILL_RUN_CMD="sudo zenmap -p intense_scan,_no_ping -t $TARGET$"
    but when I scan the computer with port sentry on it from another computer nothing happens.
    btw I'm running ubuntu 11.04 if that helps any.
    Thanks, Waffer

  2. #2
    Just Joined!
    Join Date
    Aug 2009
    Posts
    83
    Quote Originally Posted by waffer View Post
    I'm trying to configure port sentry
    What on Earth suggested you to use Port Sentry? It was abandoned by the owner ages ago, bought up by another company and spat out again. It's unmaintained, deprecated and inaccurate. Besides that your idea of running a nmap scan against remote hosts is only superficially entertaining and 0) some jurisdictions don't take lightly to scanning remote hosts, 1) the remote host may be an innocent proxy for the actual attacker and 2) you accomplish absolutely nothing positive by scanning remote hosts in terms of host security...

  3. #3
    Linux Newbie
    Join Date
    Oct 2008
    Posts
    153
    Scanning it would make you the attacker. Why not just deny them in iptables?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •