Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ipchains logs and nmap audit



I have several ipchain rules. One of them is:

ipchains -A input -i ppp0 -p TCP --destination-port 21 -l -j DENY

Why are these ipchains not doing any logging?  I do have the -l option
invoked for logging. The packet is supposed to be denied at the IP level
and then logged into syslog. When I try to connect from another address to
the IP address of the ppp0 interface, nothing gets logged. Instead, the tcplogd daemon
captures it into the log. tcplogd is an application level filter and not at IP level.
Why is this ipchains rule (and others) not getting logged?

The kernel is 2.2.14.

None of the connections to the services are getting logged by ipchains filters.

I have used nmap on the ppp0 interface and yet it is not getting logged.

How are you auditing your services on the ppp0 interface? What options in ipchains
are you using to do the logging?
 
Thank you in advance.

Subba Rao
subb3 at attglobal.net
http://pws.prserv.net/truemax/

 => Time is relative. Here is a new way to look at time. <=
http://www.smcinnovations.com

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org