I am trying to use m0n0wall generic PC version on an x86 based hardware with
only 16MB RAM and 8MB CF. I am getting some Page Fault (trap 12) as soon as
the kernel boots up. Just wondering if anybody has used it with similar
configuration. FYI i am using the rootfs-pb18r522.tar.gz as a base root
filesystem and building my own kernel image based on FreeBSD 4.8 RELEASE.
m0n0wall hackers guide has been of great help in building my own image. Now
i have a standard PC for PXE boot and a target platform for CF boot.
----- Original Message -----
From: "Tracy Phillips" <tracy dot phillips at weberize dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Wednesday, October 22, 2003 9:15 AM
Subject: [m0n0wall] PorSentry Feedback
I would like to know what the list would think about implementing portsentry
Psionic was purchased by Cisco so the link referenced in the article above
will lead you to Cisco.
This is from the readme of portsentry:
PortSentry is part of the Abacus Project suite of tools. The Abacus
Project is an initiative to release low-maintenance, generic, and reliable
host based intrusion detection software to the Internet community. More
information can be obtained from http://www.psionic.com.
PortSentry has a number of options to detect port scans, when it finds one
can react in the following ways:
- A log indicating the incident is made via syslog()
- The target host is automatically dropped into /etc/hosts.deny
for TCP Wrappers
- The local host is automatically re-configured to route all
traffic to the target to a dead host to make the target system
- The local host is automatically re-configured to drop all
packets from the target via a local packet filter.
The purpose of this is to give an admin a heads up that their host is
being probed. There are similar programs that do this already (klaxon,
etc.) We have added a little twist to the whole idea (auto-blocking), plus
extensive support for stealth scan detection.
I think this would be a great tool to be implemented on a firewall
(obviously Cisco does as well). It's a fairly lightweight program so it
should not take up much room.
I would like to get some feedback on the subject