Sentry Tools Reviews

I know that this tool, when installed on a Linux system, creates its own startup scripts. However, it does not do this on a Mac. After much tedious experimentation and help on the forums Cemetech.net and Macrumors.com, I found a solution that works. If any of you already know how to do this, sorry. Just trying to help those who don't. Mac OS X uses something called a launch daemon that tells it what to do during startup. First, you want to install portsentry using whatever method you want, either manually or using MacPorts/DarwinPorts. Then, you create a shell script and name it 'portsentry_startup.sh'. Move it into your user folder. The following should be the contents of your script.: #!/bin/bash /opt/local/libexec/portsentry -tcp /opt/local/libexec/portsentry -udp **those are the paths to portsentry on my computer. You will have to figure out the path on your machine. Save it, then open a terminal, navigate into the directory with the script you just made and execute the following commands: sudo chown root:admin portsentry_startup.sh sudo chmod +x portsentry_startup.sh The first command changes the script to root as an owner. The second allows it to be executed. Next, we need to create the actual launch daemon on OS X. OS X uses PLIST files to control its startup, with one PLIST file for each task, containing the script to run and any parameters to supply. To do, this we create a file called 'com.apple.portsentry.plist'. You can create it on your desktop if you want. This file should look like this: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0 //EN" "DTD property file..."> <plist version="1.0"> <dict> <key>Label</key> <string>com.apple.portsentry</string> <key>ProgramArguments</key> <array> <string>/Users/ [your username] /portsentry_startup.sh</string> </array> <key>RunAtLoad</key> <true/> </dict> </plist> **where it says "DTD property file", there should be an actual URL there, but this system yells at me about URLS's. The Label key identifies the 'job' by name, and then the Program Arguments key starts with the script to run, then supplies arguments in an array of strings. In this case, we don't need any arguments. Obviously, replace [your username] with the name of your user folder, which is where you should have moved that first script to. Next, you will need to move this PLIST file into the following directory /Library/LaunchDaemons. There should be a bunch of other PLIST files there too. Next, run the following command in your terminal: sudo chown root:admin /Library/LaunchDaemons/com.apple.portsentry.plist Reboot. PortSentry should start up at boot. To make sure, once the boot process is complete, run this in your terminal: ps aux | grep portsentry Your should see three responses. Any questions, feel free to ask.

Good soft, tnx!

great project, thank you for sharing!

My iptables INPUT Chain is now full of *.adsl.dynamic.seed.net.tw and *.dynamic.hinet.net... Thanks dude, it really makes life easier.

Extremely helpful. It allows for you to have an IPS (real time reaction) or IDS (passive). Excellent design and coding, great job! As a System Administrator, you can't _live_ without this tool! I for one, am very grateful. Thank you!

Getting out of bed in the morning for many folks in this world (including myself), involves the use of coffee in preparation for the day ahead. Portsentry, and it's associated suite of tools, is something that you probably don't want forward facing machines to enter production without - and doing so might mean you don't need that cup of coffee in the morning because you no longer have a job. I've been working with Portsentry for about ten years now, and I can say there's literally nothing like blocking script kiddies in realtime while you sleep tight, knowing that for all but the most targeted penetration attempts, you're protected!