[ previous ] [ next ] [ threads ]
 From:  "Alagu Sankar" <alaguv at realnetsi dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  [m0n0wall] 16 MB RAM
 Date:  Wed, 22 Oct 2003 13:16:22 -0700
I am trying to use m0n0wall generic PC version on an x86 based hardware with
only 16MB RAM and 8MB CF.  I am getting some Page Fault (trap 12) as soon as
the kernel boots up.  Just wondering if anybody has used it with similar
configuration.  FYI i am using the rootfs-pb18r522.tar.gz as a base root
filesystem and building my own kernel image based on FreeBSD 4.8 RELEASE.
m0n0wall hackers guide has been of great help in building my own image. Now
i have a standard PC for PXE boot and a target platform for CF boot.


----- Original Message -----
From: "Tracy Phillips" <tracy dot phillips at weberize dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Wednesday, October 22, 2003 9:15 AM
Subject: [m0n0wall] PorSentry Feedback


I would like to know what the list would think about implementing portsentry
into m0n0wall?


Psionic was purchased by Cisco so the link referenced in the article above
will lead you to Cisco.

This is from the readme of portsentry:

PortSentry is part of the Abacus Project suite of tools. The Abacus

Project is an initiative to release low-maintenance, generic, and reliable

host based intrusion detection software to the Internet community. More

information can be obtained from http://www.psionic.com.

PortSentry has a number of options to detect port scans, when it finds one

can react in the following ways:

            - A log indicating the incident is made via syslog()

            - The target host is automatically dropped into /etc/hosts.deny

              for TCP Wrappers

            - The local host is automatically re-configured to route all

              traffic to the target to a dead host to make the target system


            - The local host is automatically re-configured to drop all

              packets from the target via a local packet filter.

The purpose of this is to give an admin a heads up that their host is

being probed. There are similar programs that do this already (klaxon,

etc.) We have added a little twist to the whole idea (auto-blocking), plus

extensive support for stealth scan detection.


I think this would be a great tool to be implemented on a firewall
(obviously Cisco does as well). It's a fairly lightweight program so it
should not take up much room.

I would like to get some feedback on the subject

Tracy Phillips