本机上开了20、21、22、80、123、554 几个端口,
装了portsentry后,用别的机器上的nmap -P0扫描,发现portsentry不生效,
还是能扫出来。
我的portsentry.conf配置如下,烦请大家看看:
TCP_PORTS="1,11,15,79,111,119,143,540,635,1080,1524,2000,5742,6667,
12345,12346,20034,31337,32771,32772,32773,32774,40421,49724,54320"
UDP_PORTS="1,7,9,69,161,162,513,635,640,641,700,32770,32771,32772,
32773,32774,31337,54321"
ADVANCED_PORTS_TCP="1023"
ADVANCED_PORTS_UDP="1023"
ADVANCED_EXCLUDE_TCP="113,139"
ADVANCED_EXCLUDE_UDP="520,138,137,67"
IGNORE_FILE="/usr/local/psionic/portsentry/portsentry.ignore"
HISTORY_FILE="/usr/local/psionic/portsentry/portsentry.history"
BLOCKED_FILE="/usr/local/psionic/portsentry/portsentry.blocked"
BLOCK_UDP="1"
BLOCK_TCP="1"
KILL_ROUTE="/sbin/route add -host $TARGET$ reject"
KILL_HOSTS_DENY="ALL: $TARGET$ : DENY"
SCAN_TRIGGER="0" |