13

Arno-Iptables-Firewall with PSAD (Port Scan Attack Detector) & FWSNORT

view full story
linux-howto

http://crunchbanglinux.org – These are slightly updated instructions I've not seen anywhere else as Arno's excellent firewall no longer works out of the box with PSAD. Also some notes below for PSAD with the simpler UFW Firewall which also has a guisudo apt-get install arno-iptables-firewall psad fwsnort ssmtp #ssmtp is easier to configure than exim - see further below OR sudo apt-get install arno-iptables-firewall psad fwsnort exim4 The basic arno firewall configuration is ok but can be made a little more secure by changing the following variables in /etc/arno-iptables-firewall/firewall.conf:ECHO_IGNORE=1 IP_ (HowTos)