PortSentry is designed to detect and respond to port scans against a target host in real-time.
Compiled for BONE.
Don't run Snort and this app on the same PC; they conflict. I have had it running for a long time on a PC where Snort is NOT running and it hasn't failed yet.
You'll have to play around with the conf file. Note that 333.444.555.666 in the KILL_ROUTE examples is a placeholder, not a routable address: I changed mine to 127.0.0.1 to blackhole the attacker, and it's been fine so far. Email me if you need help.
It seems to work OK. Stealth scan detection (the -stcp/-sudp/-atcp/-audp modes) is only available on Linux at the moment, so on BeOS you get the basic -tcp and -udp modes. Read all about PortSentry here.
IMPORTANT:
I forgot to mention that you'll need to edit /boot/home/config/etc/portsentry.conf.
Once you've opened it, search for BeOS and you'll get to this block:
# BeOS
# KILL_ROUTE="/bin/route add $TARGET$ nm 255.255.255.255 gw 333.444.555.666 dev your_net_device"
# e.g. for my etherexpress:
KILL_ROUTE="/bin/route add $TARGET$ nm 255.255.255.255 gw 333.444.555.666 dev /dev/net/eepro100/0"
(If yours doesn't have the above, just add it.)
Now put in your own network card's device path. Mine is an Intel EtherExpress 100, which is why the path is /dev/net/eepro100/0; look under /dev/net to find yours and change it to whatever that is.
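A small check for the edited KILL_ROUTE line (an added example, not part of this page and not PortSentry's own code). It reads the BeOS block from a constructed copy of the conf text above, substitutes $TARGET$ and $PORT$ the way PortSentry does before it runs the command, and flags the two mistakes that leave the route silently useless: keeping the 333.444.555.666 placeholder as the gateway, and a dev path that isn't present under /dev/net. The conf text, the throwaway target 10.0.0.1 and the dev_exists hook are constructed for the example so it runs on any machine.

```python
import os
import re
import shlex

# Constructed sample: the BeOS block of portsentry.conf as shown on this page,
# with the 333.444.555.666 placeholder still in place (the mistake to catch).
SAMPLE_CONF = """\
# BeOS
# KILL_ROUTE="/bin/route add $TARGET$ nm 255.255.255.255 gw 333.444.555.666 dev your_net_device"
# e.g. for my etherexpress:
KILL_ROUTE="/bin/route add $TARGET$ nm 255.255.255.255 gw 333.444.555.666 dev /dev/net/eepro100/0"
"""

PLACEHOLDER_GW = "333.444.555.666"   # the stock conf uses this as "replace me"
IPV4 = re.compile(r"(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$")


def read_kill_route(conf_text):
    """Return the value of the last uncommented KILL_ROUTE= line, or None."""
    value = None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line.startswith("#") or not line.startswith("KILL_ROUTE="):
            continue
        value = line[len("KILL_ROUTE="):].strip().strip('"')
    return value


def expand_kill_route(template, target, port):
    """Substitute PortSentry's $TARGET$/$PORT$ tokens and split into argv."""
    cmd = template.replace("$TARGET$", target).replace("$PORT$", str(port))
    return shlex.split(cmd)


def is_ipv4(s):
    m = IPV4.match(s)
    return bool(m) and all(int(o) <= 255 for o in m.groups())


def check_kill_route(template, dev_exists=os.path.exists):
    """List the problems that would make the route command fail or do nothing.

    dev_exists is injectable so the check can be run on a non-BeOS box."""
    problems = []
    # Throwaway target/port: we only want to inspect the resulting argv.
    argv = expand_kill_route(template, "10.0.0.1", 111)
    if not argv or not argv[0].startswith("/"):
        problems.append("command is not an absolute path")
    if "gw" in argv and argv.index("gw") + 1 < len(argv):
        gw = argv[argv.index("gw") + 1]
        if gw == PLACEHOLDER_GW:
            problems.append("gateway is still the %s placeholder" % PLACEHOLDER_GW)
        elif not is_ipv4(gw):
            problems.append("gateway %r is not an IPv4 address" % gw)
    if "dev" in argv and argv.index("dev") + 1 < len(argv):
        dev = argv[argv.index("dev") + 1]
        if dev == "your_net_device" or not dev_exists(dev):
            problems.append("device %r does not exist on this host" % dev)
    return problems


if __name__ == "__main__":
    tmpl = read_kill_route(SAMPLE_CONF)
    print("route command:", " ".join(expand_kill_route(tmpl, "10.0.0.1", 111)))
    for p in check_kill_route(tmpl):
        print("problem:", p)
```

Run it on the real file with `read_kill_route(open("/boot/home/config/etc/portsentry.conf").read())` and the default dev_exists; an empty list means the gateway has been replaced (127.0.0.1 as on this page, or any unused address) and the device path really exists.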
KNOWN BUGS:
I have found a bug which surfaces when someone sends an RPC portmap request to port 111 (the portmapper; the request below is a lookup for rstatd).
This is the output from Snort, and PortSentry crashes when this occurs:
[**] [1:583:1] RPC portmap request rstatd [**]
[Classification: Attempted Information Leak] [Priority: 3]
10/21-03:41:51.782423 195.205.236.146:3466 -> 127.0.0.1:111
PROTO017 TTL:35 TOS:0x0 ID:23619 IpLen:20 DgmLen:84
Len: 64
[Xref = http://www.whitehats.com/info/IDS10]
It could be that the two products don't work together. I haven't been able to test this, as I have to get some tools so I can replicate this scan.
As usual I didn't write it, just compiled it. For best results you probably want to get Logcheck from Psionic as well.
I have Logcheck working on BeOS too, and if I get enough requests I'll put it up here as well.
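The alert above is consistent with a plain portmapper GETPORT call: Snort's Len: 64 is the UDP length (8-byte UDP header plus a 56-byte RPC payload) and DgmLen: 84 adds the 20-byte IP header. So the traffic that makes the BeOS build fall over needs no special tools; it is roughly the lookup `rpcinfo -u host rstatd` performs. The following is an added example, not from this page and not PortSentry's or Snort's code: it builds that 56-byte request, decodes it, checks the byte pattern the sid 583 rule keys on (quoted from memory of the old rule body, so treat the offset as an assumption), parses the reply, and can send the request to a host you are allowed to test. The xid, the reply builder and the program number 100005 used in the test are constructed for the example.

```python
import socket
import struct

# ONC RPC v2 / portmapper constants (RFC 1057, RFC 1833).
RPC_CALL, RPC_REPLY, RPC_VERSION = 0, 1, 2
MSG_ACCEPTED, SUCCESS = 0, 0
AUTH_NULL = 0
PMAP_PROG, PMAP_VERS, PMAPPROC_GETPORT = 100000, 2, 3
RSTATD_PROG = 100001      # 0x000186A1, the program number sid 583 keys on
IPPROTO_UDP = 17


def build_getport_request(prog, vers=3, proto=IPPROTO_UDP, xid=0x5EED1234):
    """Portmapper GETPORT call: "on which port is prog/vers over proto?"
    The xid is an arbitrary constructed value; any 32-bit number works."""
    header = struct.pack("!6I", xid, RPC_CALL, RPC_VERSION,
                         PMAP_PROG, PMAP_VERS, PMAPPROC_GETPORT)
    auth = struct.pack("!4I", AUTH_NULL, 0, AUTH_NULL, 0)   # cred and verf, both empty
    args = struct.pack("!4I", prog, vers, proto, 0)         # struct mapping {prog, vers, prot, port}
    return header + auth + args                             # 56 bytes in total


def parse_getport_request(payload):
    """Decode a GETPORT call; raise ValueError if the datagram is something else."""
    if len(payload) < 56:
        raise ValueError("too short for a portmapper GETPORT call")
    f = struct.unpack("!14I", payload[:56])
    if f[1:6] != (RPC_CALL, RPC_VERSION, PMAP_PROG, PMAP_VERS, PMAPPROC_GETPORT):
        raise ValueError("not a portmapper GETPORT call")
    return {"xid": f[0], "prog": f[10], "vers": f[11], "proto": f[12]}


def matches_sid_583(payload):
    """Content match of Snort's 'RPC portmap request rstatd' rule as I recall it
    (assumption): bytes 01 86 A1 within offset 40, depth 4, i.e. the prog argument."""
    return b"\x01\x86\xa1" in payload[40:44]


def build_getport_reply(xid, port):
    """Constructed minimal accepted reply, used to exercise the parser offline."""
    return struct.pack("!7I", xid, RPC_REPLY, MSG_ACCEPTED, AUTH_NULL, 0, SUCCESS, port)


def parse_getport_reply(reply, xid):
    """Return the port from an accepted GETPORT reply (0 means 'not registered')."""
    if len(reply) < 20:
        raise ValueError("reply too short")
    r_xid, msg_type, reply_stat, _verf_flavor, verf_len = struct.unpack("!5I", reply[:20])
    if (r_xid, msg_type, reply_stat) != (xid, RPC_REPLY, MSG_ACCEPTED):
        raise ValueError("not an accepted reply to our xid")
    off = 20 + ((verf_len + 3) & ~3)          # verifier body is padded to 4 bytes
    if len(reply) < off + 8:
        raise ValueError("reply truncated")
    accept_stat, port = struct.unpack("!2I", reply[off:off + 8])
    if accept_stat != SUCCESS:
        raise ValueError("call not accepted: accept_stat=%d" % accept_stat)
    return port


def query_rstatd_port(host, timeout=2.0):
    """Send the request to host:111 over UDP and return the answered port, or None
    on timeout. Only point this at a host you own or are authorised to test."""
    req = build_getport_request(RSTATD_PROG)
    xid = parse_getport_request(req)["xid"]
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(req, (host, 111))
        try:
            reply, _ = s.recvfrom(512)
        except socket.timeout:
            return None
    return parse_getport_reply(reply, xid)


if __name__ == "__main__":
    import sys
    if len(sys.argv) == 2:
        print("rstatd port:", query_rstatd_port(sys.argv[1]))
    else:
        print("GETPORT payload is %d bytes" % len(build_getport_request(RSTATD_PROG)))
```

With PortSentry running in -udp mode and watching port 111, one `query_rstatd_port()` against the BeOS box is enough to tell whether it is the datagram itself or the interaction with Snort that brings it down.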