PortSentry: How To Delete an Entry in Routing Table

This is a discussion on PortSentry: How To Delete an Entry in Routing Table within the Linux Security forums, part of the System Security and Security Related category.
#1, 06-23-2005, M_F_H

While experimenting with PortSentry, I performed an nmap scan on my box from
another box to make sure PortSentry was working. As expected, both the
/etc/hosts.deny file and the routing table got updated. Now I want to undo the
changes that PortSentry did. That's an easy edit of the hosts.deny file, but
fixing the routing table baffles me. Here's the routing table:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
208.24.128.3    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
207.20.142.137  -               255.255.255.255 !H    0      -        0 -
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         208.24.128.3    0.0.0.0         UG    0      0        0 ppp0

Question: How does one flush the line that has the flag "!H"? TIA...
#2, 06-23-2005, Filip Pawlak

On 23.06.2005, M_F_H <no_one@example.com> wrote:
> While experimenting with PortSentry, I performed an nmap scan on my box from
> another box to make sure PortSentry was working. As expected, both the
> /etc/hosts.deny file and the routing table got updated. Now I want to undo the
> changes that PortSentry did. That's an easy edit of the hosts.deny file, but
> fixing the routing table baffles me. Here's the routing table:
>
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 208.24.128.3    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
> 207.20.142.137  -               255.255.255.255 !H    0      -        0 -
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
> 0.0.0.0         208.24.128.3    0.0.0.0         UG    0      0        0 ppp0
>
> Question: How does one flush the line that has the flag "!H"? TIA...


# List the routing table numerically, pick the reject routes (flag "!H"), delete each one
for BLE in $(route -n | grep '!H' | awk '{print $1}'); do route del "$BLE"; done


--
::( Filip Pawlak Jabber: filippawlak@chrome.pl ):
::( fp@actionmag.pl GG: 4633099 ):
#3, 06-23-2005, M_F_H

M_F_H wrote:
> While experimenting with PortSentry, I performed an nmap scan on my box
> from another box to make sure PortSentry was working. As expected, both
> the /etc/hosts.deny file and the routing table got updated. Now I want
> to undo the changes that PortSentry did. That's an easy edit of the
> hosts.deny file, but fixing the routing table baffles me. Here's the
> routing table:
>
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 208.24.128.3    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
> 207.20.142.137  -               255.255.255.255 !H    0      -        0 -
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
> 0.0.0.0         208.24.128.3    0.0.0.0         UG    0      0        0 ppp0
>
> Question: How does one flush the line that has the flag "!H"? TIA...


Answer:
From the configuration file, /etc/portsentry.conf, PortSentry performs this
command when it detects a scan:
route add -host 207.20.142.137 reject

Therefore, it is reasonable to assume that to restore the route, perform this:
route del -host 207.20.142.137 reject
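
Added example, not part of the thread: a dry-run helper that combines the two replies. It finds the reject host routes in `route -n` output, prints the `route del -host <ip> reject` command proposed in post #3 for each, and filters the matching entry out of hosts.deny content. The function names and the `ALL: <ip>` hosts.deny line format are assumptions.

```shell
#!/bin/sh
# Added example: dry-run undo of a PortSentry block (route + hosts.deny).

# Read `route -n` output on stdin, print the destination of each reject
# host route (Flags column contains both "!" and "H").
reject_hosts() {
    awk 'index($4, "!") && index($4, "H") { print $1 }'
}

# Print one `route del` command per reject host route: the inverse of the
# `route add -host <ip> reject` command quoted in post #3.
unblock_commands() {
    reject_hosts | while read -r ip; do
        # Accept only digits and dots so nothing else reaches a command line.
        case "$ip" in
            ""|*[!0-9.]*) continue ;;
        esac
        printf 'route del -host %s reject\n' "$ip"
    done
}

# Print hosts.deny content (stdin) without the entry for IP $1.
# Assumption: entries look like "ALL: <ip>".
hosts_deny_without() {
    awk -v ip="$1" '!($1 == "ALL:" && $2 == ip)'
}

# Constructed sample: the routing table shown in the first post.
sample_table() {
    cat <<'EOF'
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
208.24.128.3    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
207.20.142.137  -               255.255.255.255 !H    0      -        0 -
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         208.24.128.3    0.0.0.0         UG    0      0        0 ppp0
EOF
}

case "${1:-}" in
    --live)  route -n | unblock_commands ;;        # print only, live table
    --apply) route -n | unblock_commands | sh ;;   # execute (needs root)
    *)       sample_table | unblock_commands ;;    # offline demo
esac
```

Run without arguments it only prints the command for the sample table; review the `--live` output before using `--apply`.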