> That is right. We don't firewall everything under the sun, for what its
> worth. However, we definitely look at the firewall logs if the network
> slows to a crawl. Generally, it is some bright soul downloading MP3s (and
> having a dozen messenger windows open at the same time). An ipchains rule
> to restrict that guy to the LAN (where he can get his mails anyway) solves
> things ;)
>
> For example, a look at the firewall logs today showed outgoing connection
> attempts being made to some weird port on what appears to be a linux box
> on a cablemodem. That machine had an MTX worm which had backdoored it.
> Coincidentially, the guy whose machine it is practically lives on irc (we
> have not firewalled port 6667 at least).
>
Point illustrated - you will always be an inch short - Nobody wins. What
really helped you there were not your restriction, but your alertness in
continuously monitoring.
Ashwin
----------------------------------------------
Find out more about this and other Linux India
mailing lists at http://lists.linux-india.org/
