Re: Logging port numbers

p.s. Though this does beg the question: how useful is it to log port
numbers when there's a very good chance that one or both ends are
behind one or more layers of NATs that don't log state changes?  I
understand and agree with the notion that LSN will dilute the value
of IP addresses as source identifiers.  But as far as I can tell,
they are already of pretty marginal value even without LSN.


I'm sitting in a meeting talking about this very topic (LSN) with
people from organizations that manage a lot of users and a lot of
address space, and the consensus is that there will be enough logging
at the NAT end that it's worth logging the ports.

R's,
John

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Logging port numbers, (continued) Re: Logging port numbers, Alessandro Vesely Re: Logging port numbers, John Levine Re: Logging port numbers, Keith Moore RE: Logging port numbers, Murray S. Kucherawy Re: Logging port numbers, Keith Moore Re: Logging port numbers, Hector Santos Re: Logging port numbers, John C Klensin Re: Logging port numbers, Richard Clayton Re: Logging port numbers, John Levine Re: Logging port numbers, Keith Moore Re: Logging port numbers, John Levine <= Re: Logging port numbers, J.D. Falk Re: Logging port numbers, Tony Finch Re: Logging port numbers, Mark Martinec Re: Logging port numbers, John Levine

Previous by Date:	Re: Logging port numbers, Keith Moore
Next by Date:	Re: Logging port numbers, Tony Finch
Previous by Thread:	Re: Logging port numbers, Keith Moore
Next by Thread:	Re: Logging port numbers, J.D. Falk
Indexes:	[Date] [Thread] [Top] [All Lists]