[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Portsentry/IPChains Log Entries

Subject: Re: [cobalt-users] Portsentry/IPChains Log Entries
From: flash22@xxxxxxx
Date: Mon Feb 5 20:32:04 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

On Mon, 5 Feb 2001, Zeffie wrote:

> 
> > Q: I've installed IPChains, Portsentry and Logcheck and have Portsentry
> > dropping into IPChains on scans. I'm trying to figure out how to have
> > Portsentry/IPChains ignore a certain IP range <the ignore files doen't
> seem
> > to work>... It seems that another system that shares our network
> connection
> > keeps littering our logs with entries <from port 137/138>.. We've tried
> > everything possible to stop this logging as the logs easily reach 50 megs

> Wack them~!!!!
> If someone was hitting my box with that much stuff I'd take them off the
> net.

Really Zeffie, i'd hardly recommend that -/

Seriously tho, this should be an ISP issue, any decent provider should be
able to route that machine into oblivion for you, i thing you are trying
to find a technical solution to an administrative problem..

Even if you manage tomake your machine ignore the incoming data, it's
wasting your bandwith and increasing latency, and giventhe port number the
machine is probably compromised (or will be ;)and the owner needs to know
that or have it explained to him...

g

Follow-Ups:
- Re: [cobalt-users] Portsentry/IPChains Log Entries
  - From: Zeffie

References:
- Re: [cobalt-users] Portsentry/IPChains Log Entries
  - From: Zeffie

Prev by Date: [cobalt-users] Can I use Raq3 as Firewall with 3 NICs cards?
Next by Date: RE: [cobalt-users] Bind Update: Anyone installed it?
Previous by thread: Re[2]: [cobalt-users] Portsentry/IPChains Log Entries
Next by thread: Re: [cobalt-users] Portsentry/IPChains Log Entries

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index