Tutorial Instalare Port Scan Detector

sleed · February 4, 2014

In acest tutorial prezint instalarea unui modul de securitate ,PSAD , care detecteaza ce porturi sunt scanate.

Primul pas , activam login-urile de la ip tables :

iptables -A INPUT -j LOG
iptables -A FORWARD -j LOG

Salvam ,

iptables-save > /etc/iptables.up.rules

Pasul II :

apt-get install psad

Instalam psad

nano /etc/psad/psad.conf

-> aICI ESTE LISTA DE configuratie , puteti sa o configurati dupa cum doriti.

[QUOTE]nano /etc/psad/auto_dl[/QUOTE]

---> Lista de IP-URI , Allow/Deny --->

nano /etc/psad/auto_dl

Apoi ii dam un restart :

systemctl restart psad.service

Pentru a afisa daca merge sau nu , executam :

psad -S

Sursa : Sursa

+ optimizat putin de mine. Se poate folosi si cu CSF.

24 start() {
25 # Check if psad is already running
26 if [ ! -f /var/lock/subsys/psad ]; then
27 echo -n $"Starting $prog: "
28 daemon /usr/sbin/psad
29 RETVAL=$?
30 [ $RETVAL -eq 2 ] && touch /var/lock/subsys/psad
31 echo
32 fi
33 return $RETVAL
34 }

Va multumesc!

Edited February 4, 2014 by sleed

kp112 · February 6, 2014

curata si tu pm`urile ca am nevoie de tine :))

Sign In

Tutorial Instalare Port Scan Detector

Recommended Posts

sleed

kp112

Join the conversation

Browse

Activity

Pages