Robert Spangler on 31 Jan 2011 12:23:27 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] iptables question


On Monday 31 January 2011 14:57, you wrote:

>  On 1/31/2011 2:16 PM, Robert Spangler wrote:
>  > While logging is good thing, to much logging is a nightmare.  For the
>  > simple reason you fill up your logs with information that is useless and
>  > going over the logs is a task because you have too much useless
>  > information in them. What do you care if someone is trying to log into
>  > port(s) you don't have open?
>
>  I'm confused what you mean by 'open ports' - Do you mean something that
>  has a service listening on it, or a port open in iptables?

You can have many programs listening on the system, this can be checked with 
netstat, but open to me mean open to the public.  In this case what is 
allowed to pass through the firewall.

>  I pretty much don't log anything. Way too much garbage and 99% of the
>  time there is a problem it's reproducible when I can watch it with
> tcpdump.

Very true.


-- 

Regards
Robert

Linux
The adventure of a lifetime.

Linux User #296285
Get Counted
http://counter.li.org/
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug