From nobody Sat Apr 08 16:01:26 2023 X-Original-To: ports@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Pv0N94j4Cz44ZX5 for ; Sat, 8 Apr 2023 16:01:29 +0000 (UTC) (envelope-from ml@netfence.it) Received: from soth.netfence.it (mailserver.netfence.it [78.134.96.152]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mailserver.netfence.it", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Pv0N92xGkz49Qb for ; Sat, 8 Apr 2023 16:01:29 +0000 (UTC) (envelope-from ml@netfence.it) Authentication-Results: mx1.freebsd.org; none Received: from [10.1.2.18] (alamar.local.netfence.it [10.1.2.18]) (authenticated bits=0) by soth.netfence.it (8.17.1/8.17.1) with ESMTPSA id 338G1QNl057901 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO); Sat, 8 Apr 2023 18:01:26 +0200 (CEST) (envelope-from ml@netfence.it) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netfence.it; s=202304; t=1680969686; bh=P2NluMRMcF/wzi+3tNc1+4LLrs0nz+XL5hfOx699++0=; h=Date:Subject:To:References:From:In-Reply-To; b=PHmza1qaeEn7HQxAn8BTvjw1LGmpSYn1QqETiLjprunVGuPAF8Qo7C9QfJfUfyPwG LFP0TDmImocjz/ICA9DoycYdsH6kULEU/N6VmQ7DUQ/w7RbLQt2XkhQYeMJsy+nQzM KWRXqN3K+LzWt5RRXNckpiMz7mv3dqUWFBTUmL/I= X-Authentication-Warning: soth.netfence.it: Host alamar.local.netfence.it [10.1.2.18] claimed to be [10.1.2.18] Message-ID: <76e5f77c-eea7-619d-b45a-a1fbae6d3c1e@netfence.it> Date: Sat, 8 Apr 2023 18:01:26 +0200 List-Id: Porting software to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-ports List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports@freebsd.org X-BeenThere: freebsd-ports@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 Subject: Re: security/portsentry removal Content-Language: en-US To: ports@freebsd.org, freebsd@oldach.net References: <202304081440.338Ee79H007421@nuc.oldach.net> From: Andrea Venturoli In-Reply-To: <202304081440.338Ee79H007421@nuc.oldach.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4Pv0N92xGkz49Qb X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:35612, ipnet:78.134.0.0/17, country:IT] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N On 4/8/23 16:40, Helge Oldach wrote: > I wonder why that would provide anything useful though. Main reason is to react to port scans or swiping attempts at well-known service. I.e. Someone (or some bot) connect to port 22, 25, 110, etc... when there's no such service available and he/she/it gets banned. I too am wondering whether this still makes sense today (after more that 20 years since portsentry was conceived). Yey I'm currently tasked to replace it, with possible questions being asked later :) bye & Thanks av.