Date: Sat, 7 Feb 2004 10:19:12 -0500 From: "JJB" <Barbish3@adelphia.net> To: "Benjamin Walkenhorst" <krylon@gmx.net>, <freebsd-questions@FreeBSD.org> Subject: RE: Strange connect attempts Message-ID: <MIEPLLIBMLEEABPDBIEGEEPPFJAA.Barbish3@adelphia.net> In-Reply-To: <20040207125111.645af687.krylon@gmx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
First the message you are getting is issued by the log-in-vain sysctl knob. log-in-vain has bug where it does it's filter task on internal packets instead of just on the external interface. This bug has been reported many times and the maint team feels this is too trivial of an bug to fix. What is causing it is sendmail, every time you post mail to sendmail server it issues the biff packet to inform the local user that they have mail. This is the normal way sendmail works. You can customize sendmail and disable this function if you can figure out how to do that, or disable log-in-vain will also stop the messages. Log-in-vain is not really needed if you have firewall, as firewall sees all the packets coming in from the public internet first and drops these types of offending packets as technically invalid before the filter rules even get a chance at them. Best advice is disable Log-in-vain, and let system continue to function as normal without this Log-in-vain bug causing you any more false log messages problems. -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Benjamin Walkenhorst Sent: Saturday, February 07, 2004 6:51 AM To: freebsd-questions@FreeBSD.org Subject: Strange connect attempts -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello everybody, Under FreeBSD 5.2-RELEASE on i386 I get lots of kernel messages like this one: Feb 7 12:38:01 neuromancer kernel: Connection attempt to UDP 127.0.0.1:512 from 127.0.0.1:49383 /etc/services has this to say on Port 512/udp: biff 512/udp comsat #used by mail system to notify users Is there any way I can get rid of these messages? From the fact they show up on my console, I assume port 512 is not open. Should I open it? The machine is on a local network with me being the only user, so security considerations aren't that important, really. =) On the other hand, what do I need it for? I'd rather have it just shut up. Any hints? Thank you very much, kind regards, Benjamin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (NetBSD) iD8DBQFAJNEv/JWwsvZUqOwRAgDSAKCwb7MWx7N9mG+SSCK2f2ir5yLwHgCgghwR 3x7Wf9/ROmo2RIju7jUbNi0= =7a3+ -----END PGP SIGNATURE----- _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MIEPLLIBMLEEABPDBIEGEEPPFJAA.Barbish3>