Hey Harm, As it is an old machine I hope you have a backup. It could be your disk is also on the way out if it is making such a racket. Although I admit I also have polling every 3 seconds from edonkey 4662 port. It is a real bind. Peter -- [EMAIL PROTECTED] FR Mobile: +33 (0)6 0874 8707(preferred) UK Mobile: +44 (0)7960 160 173 Msg service: voice: +44 (0)7050 685 985 fax__: +44 (0)7050 685 986 Oracle Architect Latest CV http://www.lomax.cc/users/peter/business_section.htm
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of H.J.Bathoorn Sent: 13 March 2003 00:53 To: [EMAIL PROTECTED] Subject: Re: [newbie] Firewall logs getting too big On Tuesday 11 March 2003 13:34, mycal62 wrote: > this is what that port does : > > efs 520/tcp extended file name server > router 520/udp local routing process (on site); > # uses variant of Xerox NS routing > # information protocol - RIP > > here's a handy reference to all ports and their use : > > http://www.iana.org/assignments/port-numbers > > Mike I've been there, though I must admit I'm not sure what exactly is meant by (on site). My poblem is how to get rid of all these log entries. Reading the logs isn't the real problem 'cause filtering out port 520 using "grep -v" works quit well. When the (400Mb) HD gets to 100% full everything gets quiet but then I don't get anymore logs. Like I said all this logging activity makes a lot of noise as well. My firewall is an old P133 with smoothwall on it. AL the fans have been removed leaving only the HD that physically moves/makes noise and I've even packed that in isolation foam. Especially early mornings, when I feel lucky if I find the coffee machine without falling down the cellar-stairs first, I tend to get nerved by the clicketyclicking. Frankly, those are the realy serious mornings 'cause we don't even have a cellar here being below sea-level:o( I would like to block these scans from my ISP but like I said I'm not sure what the consequences might be. These boxes are up 24/24 and I'm away quite often i.e. don't have physical acces so I have to be 100% sure of what I'm doing. Not logging these scans was a sort of compromise (with maybe a slight risk) from my point of view but I don't know how to do that. Good hunting, HarM
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
