> I have activated the firewall for my machine through
> setup->firewall configuration menu. Now, I know it's working
> because I did a probe on may machine a www.grc.com before and
> after enabling the firewall, before the activation of the
> firewall some ports were just "closed" now all the tested ports
> were "stealth", so the firewall works.
>
> My problem is that scanning attempts don't seem to be logged.
> Were are these scans logged by the firewall and what should I do
> (if anything) to start logging them ?
>
> And another question, does the forewall setup tool from rh 7.1
> use iptables or ipchains ?
>
ipchains.
Personally, I find iptables to be superior, so I build my own firewall
with iptables, and do not depend on the RH 7.1 installation method.
Portsentry is supposed to do a nice job of logging scan attempts.
Jim
|
