From: Andrew Thompson (andy_at_fud.org.nz)
Date: Mon Feb 17 2003 - 23:06:35 CST

    On Tue, 2003-02-18 at 15:17, Douglas K. Rand wrote:
    > I've been playing with MessageWall on one of our systems, and I
    > noticed that we've been getting a lot of messages like:
    >
    > Connection attempt to UDP <our-ip>:<port-above-1024> from <ip-addr-in-resolv.conf>:53
    >
    > in our logs. I have log_in_vain="YES" in my /etc/rc.conf, which sets:
    >
    > net.inet.tcp.log_in_vain: 1
    > net.inet.udp.log_in_vain: 1
    >
    > Has anybody else noticed this, and is there a solution other than
    > "Ignore those log messages" or "Unset net.inet.udp.log_in_vain"? (Both
    > of these solutions /are/ fairly reasonable.)
    >

    I believe this is caused when the DNS server is slow/overloaded: the
    resolver queries the server, but the packet arrives back after the local
    port is closed.

    Andy

    To Unsubscribe: send mail to majordomo@FreeBSD.org
    with "unsubscribe freebsd-security" in the body of the message
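
An added example, not part of the original thread: a Python triage script that separates the `log_in_vain` entries discussed above (UDP, source port 53, from a server listed in `resolv.conf`, to a high local port) from entries that still deserve a look. The syslog prefix, the sample addresses and the function names are assumptions made for illustration; only IPv4 is handled.

```python
import re
from collections import Counter
# Constructed sample inputs (documentation addresses); the syslog prefix is assumed.
RESOLV_CONF = "search example.org\nnameserver 192.0.2.53\nnameserver 192.0.2.54\n"
LOG_LINES = """\
Feb 17 22:01:10 host /kernel: Connection attempt to UDP 198.51.100.7:1047 from 192.0.2.53:53
Feb 17 22:01:12 host /kernel: Connection attempt to UDP 198.51.100.7:1051 from 192.0.2.54:53
Feb 17 22:03:40 host /kernel: Connection attempt to UDP 198.51.100.7:137 from 203.0.113.9:1029
Feb 17 22:04:02 host /kernel: Connection attempt to UDP 198.51.100.7:2301 from 203.0.113.20:53
Feb 17 22:05:00 host /kernel: Connection attempt to TCP 198.51.100.7:23 from 203.0.113.9:4000
"""
LINE_RE = re.compile(
    r"Connection attempt to (UDP|TCP) (\d+\.\d+\.\d+\.\d+):(\d+) "
    r"from (\d+\.\d+\.\d+\.\d+):(\d+)")

def nameservers(text):
    """Return the set of 'nameserver' addresses in resolv.conf text."""
    servers = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.add(fields[1])
    return servers

def classify(line, servers):
    """Label one log line; None if it is not a log_in_vain entry."""
    m = LINE_RE.search(line)
    if not m:
        return None
    proto, _dst_ip, dst_port, src_ip, src_port = m.groups()
    # Late resolver answer: UDP from a configured server's port 53 to a high port.
    if (proto == "UDP" and src_port == "53" and int(dst_port) >= 1024
            and src_ip in servers):
        return "late-dns-reply"
    return "review"

def summarize(log_text, resolv_conf_text):
    """Count labels and collect the lines that are not explained by DNS."""
    servers = nameservers(resolv_conf_text)
    counts, review = Counter(), []
    for line in log_text.splitlines():
        label = classify(line, servers)
        if label:
            counts[label] += 1
        if label == "review":
            review.append(line)
    return counts, review

if __name__ == "__main__":
    print(summarize(LOG_LINES, RESOLV_CONF))
```

A port-53 source address that is not in `resolv.conf` stays in the review list, since the late-reply explanation only covers servers the host actually queries.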