Re: ipchains DENY question

2002-12-09 Thread martin f krafft
also sprach Richard Hector <[EMAIL PROTECTED]> [2002.12.07.0030 +0100]:
> I'm not saying it's a bad idea; I'm just saying I don't know how to do
> it. Any suggestions?

snort. and i'd go as far as to log everything that the firewall drops and then add rules to drop certain packets without logging

Re: ipchains DENY question

2002-12-06 Thread Paul Johnson
On Sat, Dec 07, 2002 at 12:30:34PM +1300, Richard Hector wrote:
> I'm not saying it's a bad idea; I'm just saying I don't know how to do
> it. Any suggestions?

apt-get install ippl logcheck

--
.''`. Baloo <[EMAIL PROTECTED]>
: :' :proud Debian admin and user
`. `'`
`- Debian - when

Re: ipchains DENY question

2002-12-06 Thread nate
Richard Hector said:
> I get stuck in a loop when I try to figure out what to monitor.

totally depends on what you WANT to monitor really and how much time you want to spend doing it. My home network I recently revamped everything so it is monitored like a hawk (see http://monitor.aphroland.org b

Re: ipchains DENY question

2002-12-06 Thread nate
martin f krafft said:
> also sprach nate <[EMAIL PROTECTED]> [2002.12.06.0136 +0100]:
>> firewall-and-forget.
>
> maybe for a private system. this is *not* the way to practice
> security. security involves ongoing monitoring.

this is the best way if you have limited resources. Why should I care ab

Re: ipchains DENY question

2002-12-06 Thread Richard Hector
On Sat, 2002-12-07 at 10:59, martin f krafft wrote:
> also sprach nate <[EMAIL PROTECTED]> [2002.12.06.0136 +0100]:
> > firewall-and-forget.
>
> maybe for a private system. this is *not* the way to practice
> security. security involves ongoing monitoring.

I get stuck in a loop when I try to figu

Re: ipchains DENY question

2002-12-06 Thread martin f krafft
also sprach nate <[EMAIL PROTECTED]> [2002.12.06.0136 +0100]:
> firewall-and-forget.

maybe for a private system. this is *not* the way to practice security. security involves ongoing monitoring.

--
.''`. martin f. krafft <[EMAIL PROTECTED]>
: :' :proud Debian developer, admin, and user

Re: ipchains DENY question

2002-12-05 Thread Paul Johnson
On Thu, Dec 05, 2002 at 04:36:09PM -0800, nate wrote:
> If you try to inquire about every blocked packet on
> your firewall, someday you may be spending all your free time doing it.

Not to mention making you look like an idiot to your ISP's support staff and make them live in fear of having to sit

Re: ipchains DENY question

2002-12-05 Thread nate
John Conover said:
>
> Does anyone have any idea what the following in syslog means:
>
> Dec 5 14:58:01 themachine kernel: Packet log: input DENY ppp0 PROTO=0
> 0.0.0.0:65535 0.0.0.0:65535 L=40 S=0x00 I=55674 F=0x T=64 (#8)
>
> What's PROTO 0, IP address 0.0.0.0?

proto 0 is IP (check /etc

ipchains DENY question

2002-12-05 Thread John Conover
Does anyone have any idea what the following in syslog means:

Dec 5 14:58:01 themachine kernel: Packet log: input DENY ppp0 PROTO=0 0.0.0.0:65535 0.0.0.0:65535 L=40 S=0x00 I=55674 F=0x T=64 (#8)

What's PROTO 0, IP address 0.0.0.0?

Thanks,

John

BTW, it's a ppp dialup c