Date: Fri, 25 Feb 2005 09:24:30 -0500 From: Steven Howe <showe@metrocastcablevision.com> To: Cody Holland <cholland@redmoonbroadband.com> Cc: questions@freebsd.org Subject: Re: Kernel Log Message Message-ID: <421F351E.1090801@metrocastcablevision.com> In-Reply-To: <4B3EE484EEA4F344BBB62F83164899860F67B7@corpsrv.RedMoon.local> References: <4B3EE484EEA4F344BBB62F83164899860F67B7@corpsrv.RedMoon.local>
next in thread | previous in thread | raw e-mail | index | archive | help
Your machine is getting hit with a lot of SYN packets, and sending RST packets in return (lots of them) this is usually dude to a portscan, but may be different in your situation. To stop it, add the following lines to /etc/sysctl.conf net.inet.tcp.blackhole=2 net.inet.udp.blackhole=1 Regards, stevenrh Cody Holland wrote: >I keep getting the following kernel log messages in my daily security >run output. >xxx.xxx.xxx.xxx kernel log messages: > > >>Limiting closed port RST response from 283 to 200 packets/sec Limiting >> >> > > > >>closed port RST response from 283 to 200 packets/sec Limiting closed >>port RST response from 235 to 200 packets/sec Limiting closed port RST >> >> > > > >>response from 256 to 200 packets/sec Limiting closed port RST response >> >> > > > >>from 275 to 200 packets/sec Limiting closed port RST response from 256 >> >> > > > >>to 200 packets/sec Limiting closed port RST response from 284 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 254 to 200 >>packets/sec Limiting closed port RST response from 277 to 200 >>packets/sec Limiting closed port RST response from 254 to 200 >>packets/sec Limiting closed port RST response from 286 to 200 >>packets/sec Limiting closed port RST response from 254 to 200 >>packets/sec Limiting closed port RST response from 221 to 200 >>packets/sec Limiting closed port RST response from 263 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 264 to 200 >>packets/sec Limiting closed port RST response from 234 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 256 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 254 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 254 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 276 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 257 to 200 >>packets/sec Limiting closed port RST response from 254 to 200 >>packets/sec Limiting closed port RST response from 236 to 200 >>packets/sec Limiting closed port RST response from 234 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 260 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 254 to 200 >>packets/sec Limiting closed port RST response from 234 to 200 >>packets/sec Limiting closed port RST response from 257 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 235 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 238 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 256 to 200 >>packets/sec Limiting closed port RST response from 263 to 200 >>packets/sec Limiting closed port RST response from 286 to 200 >>packets/sec Limiting closed port RST response from 256 to 200 >>packets/sec Limiting closed port RST response from 284 to 200 >>packets/sec Limiting closed port RST response from 265 to 200 >>packets/sec Limiting closed port RST response from 256 to 200 >>packets/sec Limiting closed port RST response from 275 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 234 to 200 >>packets/sec Limiting closed port RST response from 260 to 200 >>packets/sec Limiting closed port RST response from 285 to 200 >>packets/sec Limiting closed port RST response from 254 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 276 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 286 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 275 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 288 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 256 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 240 to 200 >>packets/sec Limiting closed port RST response from 264 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 257 to 200 >>packets/sec Limiting closed port RST response from 284 to 200 >>packets/sec Limiting closed port RST response from 236 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 263 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 276 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 234 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 285 to 200 >>packets/sec Limiting closed port RST response from 257 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 254 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 263 to 200 >>packets/sec Limiting closed port RST response from 284 to 200 >>packets/sec Limiting closed port RST response from 220 to 200 >>packets/sec Limiting closed port RST response from 234 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 234 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 236 to 200 >>packets/sec Limiting closed port RST response from 247 to 200 >>packets/sec Limiting closed port RST response from 259 to 200 >>packets/sec Limiting closed port RST response from 272 to 200 >>packets/sec Limiting closed port RST response from 287 to 200 >>packets/sec Limiting closed port RST response from 256 to 200 >>packets/sec Limiting closed port RST response from 276 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 275 to 200 >>packets/sec Limiting closed port RST response from 235 to 200 >>packets/sec Limiting closed port RST response from 266 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 234 to 200 >>packets/sec Limiting closed port RST response from 263 to 200 >>packets/sec Limiting closed port RST response from 276 to 200 >>packets/sec Limiting closed port RST response from 234 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 257 to 200 >>packets/sec Limiting closed port RST response from 241 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 234 to 200 >>packets/sec Limiting closed port RST response from 276 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 266 to 200 >>packets/sec Limiting closed port RST response from 283 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 268 to 200 >>packets/sec Limiting closed port RST response from 287 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 276 to 200 >>packets/sec Limiting closed port RST response from 236 to 200 >>packets/sec Limiting closed port RST response from 255 to 200 >>packets/sec Limiting closed port RST response from 253 to 200 >>packets/sec Limiting closed port RST response from 275 to 200 >>packets/sec Limiting closed port RST response from 236 to 200 >>packets/sec Limiting closed port RST response from 285 to 200 >>packets/sec Limiting closed port RST response from 240 to 200 >>packets/sec Limiting closed port RST response from 279 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 226 to 200 >>packets/sec Limiting closed port RST response from 263 to 200 >>packets/sec Limiting closed port RST response from 284 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 262 to 200 >>packets/sec Limiting closed port RST response from 286 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 233 to 200 >>packets/sec Limiting closed port RST response from 284 to 200 >>packets/sec >> >> > >Is this what it is supposed to show? > >Cody >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?421F351E.1090801>