On Tue, 28 Sep 2004 at 16:21, Aleksandar Milivojevic wrote:
> Use the LOG target.
>
> However, if this is your firewall host toward the Internet, are you sure you
> want to log *everything* that is dropped? There are so many worms and
> automatic scanning tools out there that your logs will get *huge* with
> nothing but crap very fast. This is especially true for Windows
> specific TCP and UDP ports. Anything that might be interesting will get
> completely lost in all that noise.

He could use the -m limit match to limit the number of logs he is
getting. It's interesting to do so for ports like 445 and so on.

--
Jose Maria Lopez Hernandez
Technical Director, bgSEC
jkerouac@xxxxxxxxx
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
SPAIN

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
-- Jack Kerouac, "On the Road"
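
The effect of the -m limit match suggested above, as an added example that is not part of the original message: a simplified token-bucket model of the match, run over a constructed flood of packets to port 445. The 5/minute rate, the burst of 5 and the traffic pattern are assumptions chosen for illustration.

```python
# Added example: simplified model of the token bucket behind iptables' "-m limit".
# Rules being modelled (rate and burst values are assumptions):
#   iptables -A INPUT -p tcp --dport 445 -m limit --limit 5/minute --limit-burst 5 -j LOG
#   iptables -A INPUT -p tcp --dport 445 -j DROP

def simulate_limit(arrivals, rate_per_min=5, burst=5):
    """Return the arrival times (seconds) at which the limit match fires,
    i.e. the packets that reach the LOG target."""
    refill = rate_per_min / 60.0      # credits regained per second
    credits = float(burst)            # the bucket starts full
    last = None
    logged = []
    for t in sorted(arrivals):
        if last is not None:
            # Credits recharge with elapsed time, capped at the burst size.
            credits = min(float(burst), credits + (t - last) * refill)
        last = t
        if credits >= 1.0:            # one credit is spent per matching packet
            credits -= 1.0
            logged.append(t)
    return logged

def constructed_scan(duration_s=600, per_second=10):
    """Constructed input: a worm probing port 445 ten times a second."""
    return [s + i / per_second for s in range(duration_s) for i in range(per_second)]

def summary(arrivals, **limits):
    """Compare packets dropped with log lines actually written."""
    return {"packets": len(arrivals),
            "logged": len(simulate_limit(arrivals, **limits))}

if __name__ == "__main__":
    # Ten minutes of flood: every packet is dropped, only a handful are logged.
    print("flood:  ", summary(constructed_scan()))
    # One stray packet a minute stays under the limit, so all of it is logged.
    print("trickle:", summary([60 * i for i in range(10)]))
```

The flood produces the initial burst of log lines and then one line every twelve seconds, while low-volume traffic to the same port is still logged in full.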