[NTLUG:Discuss] 3 questions

Cameron, Thomas Thomas.Cameron at bankofamerica.com
Fri Jul 16 08:29:52 CDT 2004 

1)  Canna is really only used to render Japanese like Kanji, Hirigana and I forget the third one.  I always turn it off and have never seen a negative impact.

2)  I have no experience with tarpit, but you can make life tough for portscanner script kiddie by setting your iptables rules to drop rather than reject.  A port scan will take exponentially longer and still yield nothing helpful to the scanner.

3)  I turn ISDN off and have seen no negative impact.

Your mileage may vary.

Thomas Cameron, RHCE, CNE, MCSE, MCT
Assistant Vice President
Bank of America
Linux Design and Engineering

The opinions expressed in this message are mine and do not necessarily reflect those of my employer, Bank of America.

-----Original Message-----
From:	discuss-bounces at ntlug.org on behalf of Wayne Dahl
Sent:	Thu 7/15/2004 10:11 PM
To:	NTLUG
Cc:	
Subject:	[NTLUG:Discuss] 3 questions
I have 2 questions.  

1.  I'm running RH 8.0 and Canna is running on this machine.  When I
look at services, Canna is described as Canna Japanese Conversion
Engine.  Is there some reason it would be running on this machine and
would it be ok to shut it down forever?  I have no need to convert
anything from Japanese to anything else.  I know I'm showing my
ignorance here, but is there some compelling reason it should be
running?  If not, I'll shut it off.

2.  Since I read an article on the Linux Journal website about a cool
utility used by IPTables called Tarpit, I've been intrigued about using
it.  I just checked the logs on my Smoothwall firewall and found a whole
BUNCH of port 445 scans from various and sundry sources...not to mention
a couple of full port scans from one particular source.  This is
motivating me to attempt to use Tarpit to discourage scans to my
particular machine.  Has anyone else here used it and if so, what is
your experience with it?  Can anyone recommend a good book on
configuring IP tables/IP chains?

3.  Another service I see running is ISDN.  I don't have ISDN, have no
ISDN devices (that I'm aware of) and see no reason for that to be
running either.  Will it be ok to shut that off and leave it off?

Thanks in advance,

-- 
Wayne Dahl
Registered Linux User # 347549
No electrons were abused in any way by any Micro$oft 
product in the composition of this e-mail.


_______________________________________________
https://ntlug.org/mailman/listinfo/discuss

More information about the Discuss mailing list