[Nottingham] Re: CyberKit

Robert Davies rob_davies at ntlworld.com
Fri Sep 26 08:07:33 BST 2003


On Thursday 25 Sep 2003 21:59, Graeme Fowler wrote:
> On a followup note, I've given up logging firewall violations. I'm happy
> that mine stops access, so that's all I care about. As long as I don't
> have massive packet loss to the next two or three hops, I frankly don't
> care what people throw at me. I'd love to spend ages bothering upstreams
> about it, but I just can't be bothered any more :(

Yep, excessive logging becomes a self-DoS during incident conditions.  I do 
use rate limitted logging from netfilter/iptables which is useful for when  
debugging new services, but it's yonks since I had to do that.

Rob




More information about the Nottingham mailing list