PortSentry and Snort Compared
Source: linux.ie - Posted by Pete O'Hara   
Intrusion Detection A brief description of port sentry and snort. "A port scan detector that can be configured to bind to ports you want monitored, reporting scans made to these ports and optionally running a command to deal with the scanning host . . . A brief description of port sentry and snort. "A port scan detector that can be configured to bind to ports you want monitored, reporting scans made to these ports and optionally running a command to deal with the scanning host (usually in the form of routing that host to a blackhole or adding a firewall rule dealing with said host)

Snort falls into the category of Network Intrusion Detection Systems (NIDS). It is the best open source program of this type that I am aware of. Port scan detection is a subset of NIDS so one can rightfully assume that snort handles this as well.

Read this full article at linux.ie

Only registered users can write comments.
Please login or register.

Powered by AkoComment!