|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Getting port scans while I would think that the system that i s sc anned is not reachable because of my pf rules
From: knitti (knitti
gmail.com)
Date: Mon Feb 07 2005 - 11:29:50 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 7 Feb 2005 16:44:14 +0100, forums <forumvanleeuwen.nl> wrote:
> " Someone " is not telling me that it is leaking :-) I control that Fw
> myself and i see the entry's getting in the log file. This message is part
> of a longer message...
someone is in this case the log of you back fw. you didn't see the
actual traffic.
so you don't know what traffic caused this log entry.
I see following possibilities:
1) some unwanted traffic (are you sure its from outside?) caused the log
entries.
obviously, contemplation your logs and your pf.conf doesn't yield enough info
2) some wanted traffic caused the log entries. that would be a configuration
issue of your back fw.
3) no traffic caused the log entries. back fw broken.
not enough info to compute
--knitti
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]