[CS-FSLUG] Firewall fights
Ritchie, Josiah S.
jritchie at bible.edu
Wed Jan 25 11:37:16 CST 2006
> -----Original Message-----
> From: Christiansource-bounces at ofb.biz [mailto:Christiansource-
> bounces at ofb.biz] On Behalf Of Ed Hurst
>
> Tim Young wrote:
>
> > If it is worth it, I can get the answer in a week. But, if nothing
> > else, you can safely ignore the ACK-RST for now.
>
> You know, I've read at least two dozen articles and comments on that,
> but not one of them made as much as sense as you just did.
>
> Ignoring it is fine, but how do I tell my firewall to quit logging
that
> so I can concentrate on detecting genuine threats? I realize you may
not
> have a simple concrete answer for that. I'm not going to be modifying
a
> Linux kernel, so that's out.
>
> Anyway, thanks for the explanation.
A little grep work against the log should strip it out of view so you
don't see it and still provide you with everything else. This would also
allow you to add other things that you decide you can ignore over time
to reduce the time it takes to review. You know how to use grep?
JSR/
More information about the Christiansource
mailing list