[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: IPTables and logging - performance issues?

On Tue, October 26, 2004 8:11, Ben Halicki said:
> Hi Alexander,
> Thanks for your reply.
> I am looking to setup a basic IDS system, where attempts to connect to
> certain ports are logged in the usual places.  At the moment, I am logging
> connections to telnet ports, then I run a script every night to report on
> connection attempts.
> Hardware specs shouldn't be a problem, server has only just been purchased
> and runs dual xeon cpus, scsi drives etc.  I guess by your suggestions,
> the only time performance might be an issue, is during an attack (portscan
> etc), which would probably hinder performance anyway.

I'm logging rejected packets (only. Ie no accepted pckgs) on a P3 1G, ATA
and don't see significant performance drops on typical outbreaks.


HaJo Schatz <hajo hajo net>

PGP-Key:  http://www.hajo.net/hajonet/keys/pgpkey_hajo.txt

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]