Re: PortSentry: How To Delete an Entry in Routing Table
From: M_F_H (no_one_at_example.com)
Date: 06/23/05
- Previous message: Filip Pawlak: "Re: PortSentry: How To Delete an Entry in Routing Table"
- In reply to: M_F_H: "PortSentry: How To Delete an Entry in Routing Table"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 23 Jun 2005 15:21:05 -0400
M_F_H wrote:
> While experimenting with PortSentry, I performed an nmap scan on my box
> from another box to make sure PortSentry was working. As expected, both
> the /etc/hosts.deny file and the routing table got updated. Now I want
> to undo the changes that PortSentry did. That's an easy edit of the
> hosts.deny file, but fixing the routing table baffles me. Here's the
> routing table:
>
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 208.24.128.3 0.0.0.0 255.255.255.255 UH 0 0 0
> ppp0
> 207.20.142.137 - 255.255.255.255 !H 0 - 0 -
> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth0
> 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0
> eth0
> 0.0.0.0 208.24.128.3 0.0.0.0 UG 0 0 0
> ppp0
>
> Question: How does one flush the line that has the flag "!H"? TIA...
Answer:
From the configuration file, /etc/portsentry.conf, PortSentry performs this
command when it detects a scan:
route add -host 207.20.142.137 reject
Therefore, it is reasonable to assume that to restore the route, perform this:
route del -host 207.20.142.137 reject
- Previous message: Filip Pawlak: "Re: PortSentry: How To Delete an Entry in Routing Table"
- In reply to: M_F_H: "PortSentry: How To Delete an Entry in Routing Table"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
