On Mon, 2003-01-06 at 14:47, Mark L. Kahnt wrote: > On Mon, 2003-01-06 at 12:45, nate wrote: > > Mark L. Kahnt said: > > > > > > mega-library had been on it, but still, 9 1/2 MiB of extra messages in > > > syslog over 18 hours is a *bit* much (I'm not tight for disk space on > > > > whats going in the log? how about making a firewall rule that drops the > > packets for that port and tell it NOT to log for that rule > > > > nate > > (running happily with 4 static ips for 2 years on his dsl) > > > > Just line after line of: > > <Date> <Time> localhost ippl: port 4662 connection attempt from <IP> > > combined with a similar one from tcplogd that has reverse dns. > > 101,363 yesterday over 18 hours - makes my hourly logcheck reports a > pain to dig through for anything else that might be happening, but I > don't want to start adjusting those rules to leave things unreported to > me, and it is still traffic pulling away from my system's productive > activities (and running seti@home.) Maybe I need a faster disk or better > bandwidth to it, or to not use ext3 on /var, but I'd *most* prefer if > EDonkey and such programs actually did eventually time out rather than > poking eternally at an unserviced port. Thanks to all who kicked in - both on list and directly. I've tended to run firewalls with logging set on automatically, so I'd been thinking that I'd only exchange one set of messages for another, and forgot that logging isn't necessarily required. This doesn't cut the bandwidth and servicing load to zero, but it should reduce it to the point that I can ignore these, umm, "individuals" that aren't able to see that I'm not their file exchanging buddy. Now, where was that list of IP addresses of spammers I'd written up? -- Mark L. Kahnt, FLMI/M, ALHC, HIA, AIAA, ACS, MHP ML Kahnt New Markets Consulting Tel: (613) 531-8684 / (613) 539-0935 Email: kahnt@hosehead.dyndns.org
Attachment:
signature.asc
Description: This is a digitally signed message part