On Friday 20 June 2003 11:27, Steffen Dettmer wrote:
- Peter Wiersig wrote on Thu, Jun 12, 2003 at 12:27 +0200:
( Why do people log their drop after the deployment phase of their ruleset? I do that only when I'm experiencing strange connect problems. )
I log it, too :-)
But nobody could explain me, why I have *no* logs when I use a 2.4.21-rc7-grsec kernel. I do nothing else than change the kernel in the boot menu of grub. When I start the original SuSE-kernel, I get logs, when I start the grsec-kernel I don't. I also tried a grep -r <IP> /var/log/* and looked for an external IP which scanned my machine. There is no other file which stores the scans. So is there a kernel option in the SuSE-kernel which is needed for logging? nmap -v -P0 <IP> says: All 1601 scanned ports on x.x are: filtered Don't scan the ip in my mailheader for a test, it is a dynamic IP! Al