|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: strange connection attempts
From: dawnshade (h-k
mail.ru)
Date: Mon Apr 14 2003 - 06:42:26 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
G> I have turned on sysctls variables:
G> net.inet.tcp.log_in_vain: 1
G> net.inet.udp.log_in_vain: 1
G> And i have plenty of strange connection attempts on udp protocol
G> Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53
G> Apr 13 23:56:53 pals /kernel: Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53
G> Connection attempt to UDP xx.xx.x.xxx:12545 from 192.42.93.36:53
G> Apr 13 23:56:54 pals /kernel: Connection attempt to UDP xx.xx..xxx:12545 from 192.42.93.36:53
G> Connection attempt to UDP xx.xx.x.xxx:44308 from 192.42.93.36:53
G> i know that those connections are from dns but why kernel logs such thing.
G> I have statufull firewall and all trafic to any port on UDP protocol are deny and
G> only those UDP datagrams from my resolver are passed back through dynamics rules.
G> These connections are caused by returned queruies from dns servers.
G> Is it normal to have such type connection attempts ?
G> Can anybody help me solve my problem.
I think yes. Got a same messages. The suspicion on squid - when
connect to some server not completed or refused.
----------
rootsome_hostname.ru$ echo "reboot" > /etc/rc&&reboot
----------
Best regards,
dawnshade mailto:h-kmail.ru
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]