[root@sunny♥泰用哲學♥/temp/portsentry]# tar xvfzp portsentry-1.1.tar.gz
[root@sunny♥泰用哲學♥/temp/portsentry]# cd portsentry-1.1
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# vi portsentry_config.h
#define CONFIG_FILE "/usr/local/etc/portsentry.conf"
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# vi Makefile
CC = gcc
CFLAGS = -O3 -march=i686 -funroll-loops -fomit-frame-pointer -Wall
INSTALLDIR = /usr/local
CHILDDIR=/portsentry
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# make linux
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# make install
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# install -m700 -s portsentry /usr/local/sbin
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# mkdir -p -m700 /usr/local/etc/portsentry
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# mkdir -p -m700 /var/log/portsentry
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# touch /var/log/portsentry/portsentry.blocked.atcp
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# touch /var/log/portsentry/portsentry.blocked.audp
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# touch /var/log/portsentry/portsentry.blocked.sudp
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# touch /var/log/portsentry/portsentry.blocked
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# touch /var/log/portsentry/portsentry.history
[root@sunny♥泰用哲學♥/temp/portsentry]# vi /usr/local/etc/portsentry.conf
TCP_PORTS="1,11,81,82,83,1080,1720,1863,5190,8080"
UDP_PORTS="1,7,9,81,82,83,1080,1720,1863,5190,8080"
ADVANCED_PORTS_TCP="1024"
ADVANCED_PORTS_UDP="1024"
ADVANCED_EXCLUDE_TCP="113,139"
ADVANCED_EXCLUDE_UDP="520,138,137,67"
IGNORE_FILE="/etc/portsentry/portsentry.ignore"
HISTORY_FILE="/var/log/portsentry/portsentry.history"
BLOCKED_FILE="/var/log/portsentry/portsentry.blocked"
RESOLVE_HOST="0"
BLOCK_UDP="0"
BLOCK_TCP="1"
KILL_ROUTE="/sbin/route add -host $TARGET$ reject"
SCAN_TRIGGER="0"
PORT_BANNER="** UNAUTHORIZED ACCESS PROHIBITED **"
[root@sunny♥泰用哲學♥/temp/portsentry]# cp -f portsentry /etc/rc.d/init.d/portsentry
[root@sunny♥泰用哲學♥/temp/portsentry]# vi portsentry
# config: /etc/portsentry/portsentry.conf
SENTRYDIR=/usr/local/etc/portsentry
action "Starting $prog -$i: " /usr/local/sbin/portsentry -$i
[root@sunny♥泰用哲學♥/temp/portsentry]# chmod 700 /etc/rc.d/init.d/portsentry
[root@sunny♥泰用哲學♥/temp/portsentry]# chown 0.0 /etc/rc.d/init.d/portsentry
[root@sunny♥泰用哲學♥/temp/portsentry]# chkconfig --add portsentry
[root@sunny♥泰用哲學♥/temp/portsentry]# chkconfig --level 345 portsentry on
[root@sunny♥泰用哲學♥/temp/portsentry]# service portsentry start
Starting PortSentry -tcp: [ OK ]
Starting PortSentry -udp: [ OK ]
[root@sunny♥泰用哲學♥/temp/portsentry]# cd portsentry-1.1
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# vi portsentry_config.h
#define CONFIG_FILE "/usr/local/etc/portsentry.conf"
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# vi Makefile
CC = gcc
CFLAGS = -O3 -march=i686 -funroll-loops -fomit-frame-pointer -Wall
INSTALLDIR = /usr/local
CHILDDIR=/portsentry
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# make linux
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# make install
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# install -m700 -s portsentry /usr/local/sbin
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# mkdir -p -m700 /usr/local/etc/portsentry
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# mkdir -p -m700 /var/log/portsentry
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# touch /var/log/portsentry/portsentry.blocked.atcp
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# touch /var/log/portsentry/portsentry.blocked.audp
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# touch /var/log/portsentry/portsentry.blocked.sudp
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# touch /var/log/portsentry/portsentry.blocked
[root@sunny♥泰用哲學♥/temp/portsentry/portsentry-1.1]# touch /var/log/portsentry/portsentry.history
[root@sunny♥泰用哲學♥/temp/portsentry]# vi /usr/local/etc/portsentry.conf
TCP_PORTS="1,11,81,82,83,1080,1720,1863,5190,8080"
UDP_PORTS="1,7,9,81,82,83,1080,1720,1863,5190,8080"
ADVANCED_PORTS_TCP="1024"
ADVANCED_PORTS_UDP="1024"
ADVANCED_EXCLUDE_TCP="113,139"
ADVANCED_EXCLUDE_UDP="520,138,137,67"
IGNORE_FILE="/etc/portsentry/portsentry.ignore"
HISTORY_FILE="/var/log/portsentry/portsentry.history"
BLOCKED_FILE="/var/log/portsentry/portsentry.blocked"
RESOLVE_HOST="0"
BLOCK_UDP="0"
BLOCK_TCP="1"
KILL_ROUTE="/sbin/route add -host $TARGET$ reject"
SCAN_TRIGGER="0"
PORT_BANNER="** UNAUTHORIZED ACCESS PROHIBITED **"
[root@sunny♥泰用哲學♥/temp/portsentry]# cp -f portsentry /etc/rc.d/init.d/portsentry
[root@sunny♥泰用哲學♥/temp/portsentry]# vi portsentry
# config: /etc/portsentry/portsentry.conf
SENTRYDIR=/usr/local/etc/portsentry
action "Starting $prog -$i: " /usr/local/sbin/portsentry -$i
[root@sunny♥泰用哲學♥/temp/portsentry]# chmod 700 /etc/rc.d/init.d/portsentry
[root@sunny♥泰用哲學♥/temp/portsentry]# chown 0.0 /etc/rc.d/init.d/portsentry
[root@sunny♥泰用哲學♥/temp/portsentry]# chkconfig --add portsentry
[root@sunny♥泰用哲學♥/temp/portsentry]# chkconfig --level 345 portsentry on
[root@sunny♥泰用哲學♥/temp/portsentry]# service portsentry start
Starting PortSentry -tcp: [ OK ]
Starting PortSentry -udp: [ OK ]
'🌟2017년 이전 포스팅 모음 🌟 > 💞Linux OS💞' 카테고리의 다른 글
Linux 네트워크 설정 하기 (0) | 2011.05.14 |
---|---|
hostsentry 설치와 설정 (0) | 2011.05.14 |
XP 마운틴 한글 지원 설정 (0) | 2011.05.14 |
[CentOS5] Apache2+php5+mysql6 연동설치와 기본설정 (0) | 2011.05.14 |
ncftp 설치와 사용방법 (0) | 2011.05.14 |