Re: [m0n0wall] Risky Ports to keep a lookout for

From:	Michel Servaes <michel at mcmc dot be>
To:	Monowall User List <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] Risky Ports to keep a lookout for
Date:	Thu, 07 Feb 2008 00:57:11 +0100

So,

If I understand correctly, if you open up RDP traffic to a certrain 
server or computer, you do activate the log ?
Or if you do have pcAnywhere or VNC added to this list, you activate 
only actively opened ports only ?

kind regards,

Mathias BurÃ©n schreef:
> Why would this matter? If you don't have a service listening on the 
> port, then you shouldn't care if that port is scanned O,o
>
>
> 2008/2/6, Michel Servaes <michel at mcmc dot be <mailto:michel at mcmc dot be>>:
>
>     Hi,
>
>     Since m0n0wall logs to much information, when setting the default rule
>     to log activity to on, I was wondering if you guys mind sharing what
>     ports would be interesting to monitor to the log ?
>     Currently I have disabled logging on the default rule, and have
>     added a
>     rule to block ping requests... with the logging enabled.
>
>     That way I have an idea who is pinging me... not important, but just a
>     way to know which ip is pinging me...
>
>
>     So, now I would like to know what you guys in general would like
>     to know
>     what protocol or port has being tried to access...
>
>     Kind regards,
>     Michel
>
>     ---------------------------------------------------------------------
>     To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>     <mailto:m0n0wall dash unsubscribe at lists dot m0n0 dot ch>
>     For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>     <mailto:m0n0wall dash help at lists dot m0n0 dot ch>
>
>