On Nov 29, 9:09 am, "Richard B. Gilbert" <[EMAIL PROTECTED]> wrote:
> My LinkSys BEFSR81 logs all the attempts it blocks but without time > stamps since it doesn't have any facilities for keeping time. > > If I did get time stamps, what would I do with them? There is nothing > whatever that I can do about the attempts to get into my network except > run a router/firewall that blocks them. > > If what these people are doing were actionable, there might be some > point. AFAIK it's not and even if it were, it would be impractical for > me to track down the perpetrators and haul them into court. As long as > nobody succeeds in a break-in attempt, I'm not going to worry about it. A few years ago, we noticed port scanning in our firewall logs coming from another company. We have them the time range and the IP addresses, and they were able to track it down and stop it. Also, companies that accept credit cards mey be required by PCI-DSS to maintain time-stamped firewall logs for at least a year. There are a great many small businesses that accept credit cards which might also have a wireless router/firewall on the interent. My basic point: time-stamped logs do often contain actionable information, and are often required by industry or governmental regulations in many cases. They also make good sense, as thay can help correlate network events for debugging purposes. _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
