Consultez la section "Why use Portsentry?" de ce tutoriel pour un guide detaille étape par etape.

Comment prerequisites ?

Consultez la section "Prerequisites" de ce tutoriel pour un guide detaille étape par etape.

Comment installation ?

Consultez la section "Installation" de ce tutoriel pour un guide detaille étape par etape.

Comment configuration ?

Consultez la section "Configuration" de ce tutoriel pour un guide detaille étape par etape.

Comment step 1: Choose the ports to monitor ?

Consultez la section "Step 1: Choose the ports to monitor" de ce tutoriel pour un guide detaille étape par etape.

Comment step 2: Configure the blocking action ?

Consultez la section "Step 2: Configure the blocking action" de ce tutoriel pour un guide detaille étape par etape.

Comment step 3: Specify the blocking command ?

Consultez la section "Step 3: Specify the blocking command" de ce tutoriel pour un guide detaille étape par etape.

Comment step 4: Enable advanced mode ?

Consultez la section "Step 4: Enable advanced mode" de ce tutoriel pour un guide detaille étape par etape.

Security

Difficulty: Advanced

4 min read 18/06/2026

Portsentry: Port Scan Detection

Tutorial to install and configure Portsentry, a tool that detects port scans and blocks attackers' IP addresses.

Back to tutorials

What is Portsentry?
Portsentry is a proactive defense tool that acts as a "honeypot". It listens on TCP and UDP ports that you do not use. If an attacker attempts to connect to one of these ports (which is typical of a reconnaissance scan), Portsentry detects it immediately and can block the attacker's IP address at the firewall level.

Why use Portsentry?

Early detection: A port scan is often the very first step of an attack. Detecting it lets you block an attacker before they even find a real vulnerability.
Deterrence: Automatically blocking scanners reduces the "noise" in the logs and discourages automated attacks.
Lightweight: Consumes very few resources.

Prerequisites

A Linux server (Ubuntu/Debian, CentOS/RHEL).
Root access or sudo privileges.
A firewall such as iptables or firewalld.

Premium Content

This advanced tutorial is reserved for premium members.

9,90€ / month

All advanced tutorials
New content every week
Progress tracking
Cancel anytime

Written by

Morgann Riu

Cybersecurity and Linux administration expert. I share my knowledge through free tutorials and training to help system administrators and developers secure their infrastructures.

My profile LinkedIn GitHub

Did you enjoy this article?

Portsentry: Port Scan Detection

Why use Portsentry?

Prerequisites

Premium Content

Morgann Riu

Comments

Recommended for you

Snort : Détection d'intrusion réseau (NIDS)

Suricata : IDS/IPS réseau haute performance

iptables : Configurer un Pare-feu sur Linux

UFW : Pare-feu simple pour Linux

In-depth article on the topic

Checklist Sécurité Linux