Quote:
|
Originally Posted by Hagforce
What`s this one?:
Code:
tcp 0 0 static48.xxx.xx:41390 host196.101.vtm-net.ev:http ESTABLISHED 3044/freshclam
|
That's freshclam. It belongs to ClamAV and updates your virus signatures. Nothing to worry about.
Quote:
|
Originally Posted by Hagforce
Some other info in the logs that got me worried is that this happens every 30 min (from logcheck):
Code:
Mar 26 00:30:02 www proftpd[5430]: www.xxx.xxx (127.0.0.1[127.0.0.1]) - FTP session opened.
Mar 26 00:30:02 www proftpd[5430]: www.xxx.xxx (127.0.0.1[127.0.0.1]) - FTP session closed
|
That's the ISPConfig monitoring script that checks if the important services like web, ftp, etc. are still running. If it finds they aren't, the monitoring scripts sends you an email.
Quote:
|
Originally Posted by Hagforce
With dial up users and dhcp I can`t just put adresses in hosts.deny, wouldn`t this cause problems?.
|
It might cause problems if someone gets an IP address that's in /etc/hosts.deny.
Quote:
|
Originally Posted by Hagforce
Should I install a firewall to, in addition to the one in ISPConfig?.
|
No. You can use one firewall at a time, but not mix several ones.