John A. Sullivan III wrote:
> Hope this helps - John
It does! But:
If I 'tail -f' my web server access log and the iptables log, I notice those "port_scan" are done when visitors are visiting my site: same time, same IP. I don't think each visitor would want to hack me.
My conclusion is that my rule is not very good, and as the logged packet is also dropped, it would decrease the accuracy of the website. What should I do to make it better? I still want to keep port scan prevention, but want to avoid dropping non-offending packets... But if you think the website accuracy wouldn't be down for that reason, I will keep it as it is...
--
Rakotomandimby Mihamina Andrianifaharana
Tel : +33 2 38 76 43 65
http://stko.dyndns.info/site_principal/Members/mihamina