Rob Wultsch said:
>
> Excellent point by you. However I was meaning straight networking
> issues.
>
> Where is the log for failed ssh connections? (debian)

I don't know for sure with Debian since I have not used it.  The basic
logs to check are usually at /var/log/secure or some distros don't have a
separate security log and put it with everything else in
/var/log/messages.

> Is there a difference between not running a service and have a
> firewall on linux?

Yes, though I am not a network guy so my answer here may be a bit shallow.

Not running a service that you don't need is an excellent practice.  When
a service is running, it is listening on a network port for connections. 
That leaves an open port for someone to attempt entry.  When the service
is not running, noone is listening on that port.

A firewall has more flexability and adds a layer of control above the
services.  In other words, if you left a service running but the firewall
has it's port closed, the service cannot recieve connections.  The
firewall will not allow it.  With a firewall you can close all ports and
then just open the ones you want.

For example, I like to use bittorrent to download new distros or legal
music.  However, I don't want the ports it uses open all the time.  So,
when I want to use it, I open the ports in my firewall.  Then, when I am
done, I remove those ports from the open list, closing them.  If I forget
to stop the bittorrent service, I am safe because the firewall shut the
door.

Alan



---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss