Alexandru E. Ungur spake the following on 3/20/2006 3:33 AM:
> Hi all,
>
> I appologise in advance if this is a little OT, but I am building
> a box that will serve as firewall and router for a small 'internet
> cafe / netcafe' and am using CentOS...
>
> So here it is:
> What are the best tools to be used for keeping the potential
> script kiddies from 'harming the Internet' :) ? I specifically want
> to be able to detect and prevent portscans from LAN to Internet, and
> any other malware activity the clients might think of.
>
> I am particularily interested in 'the CentOS way'. For example I
> know there is psd module in patch-o-matic for iptables to be able
> to do the portscan detection in firewall... but, that doesen't
> feel like 'CentOS way' (because I have to build a cusom kernel)
> unless there is some kernel (even 3rd part, unsuported/etc.) that
> already has this in...
>
> Also I know of the portsentry tool, but the project seems pretty much
> dead after Cisco bought Psyonic... and again is not on up2date's list...
>
> I intend to use Snort, though I hope that it won't share portsentry's
> fate and become extinct after Check Point's acquisition of Sourcefire
> will be completed. No FUD intended on this, optimistic views are always
> highly welcomed :)
>
> Luckily denyhosts has no plans of selling itself to anyone so that's
> one project I can safely use :)
>
> So, Open Source portscaner for CentOS... anyone... ? :)
>
>
> Thank you for your time and help,
>
> With respect,
> Alex
Why not use a firewall distro?
You could even use ClarkConnect, which is based on CentOS 4. I use it at home
and I love it!
You can even bandwidth limit ip ranges, and add anything CentOS.
