Almost every hacker has to make several attempts and needs some time before achieving success. To protect your server, you not only need hacker-resistant software, but you need log files that the software can use to detect unauthorized login attempts.
Because of this, it does not make sense to deter only unauthorized access attempts. To maintain optimal system security, you need to record failed and unauthorized connection attempts.
To shut off a service but still retain its logging functions, configure only_from without using any additional parameters (such as the following):
Logging through xinetd is controlled by the log_type statement along with the attributes log_on_success and log_on_failure.
These let you record from which host and for how long an access attempt was made, and which user was using the service (if the remote host supports this feature).
In addition, you can also log the circumstances of how and why the network service was used. However, even the best log does not mean much if you do not check it on a regular basis for failed connection attempts.
Was this article helpful?