Date: Sun, 9 Aug 1998 08:40:55 +0200
From: Eivind Eklund <eivind@yes.no>
To: Kris Kennaway <kkennawa@physics.adelaide.edu.au>, security@FreeBSD.ORG
Subject: Re: Capturing IPFW denied packets
Message-ID: <19980809084055.46112@follo.net>
In-Reply-To: <Pine.OSF.3.90.980809145527.30908A-100000@bragg>; from Kris Kennaway on Sun, Aug 09, 1998 at 03:03:59PM +0930
References: <Pine.OSF.3.90.980809145527.30908A-100000@bragg>
On Sun, Aug 09, 1998 at 03:03:59PM +0930, Kris Kennaway wrote:
> Is there any way I can set things up to log the contents of the packets
> which fail the ipfw filter?

By using a divert socket instead of a deny rule, probably. You might need
some extra skipto rules to be able to make this work.

> Can anyone think of legitimate reasons these sites might want to know my
> identity or information about my DNS, other than trying to harvest
> addresses for spammers?

For the DNS, I can see the wish to log with verified DNS - it is used to
check against anybody that might attempt to attack their computer, and
showing a spoofed/changed DNS can be fairly helpful.

I can see no reason for identd. Use whois to find out who the guy that owns
the web-site is, and call him on the phone and ask.

Eivind.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
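
Added example, not part of the original message or of FreeBSD's code: a minimal reader for the divert-socket approach suggested above, which logs each diverted packet and never reinjects it, so the packet is still dropped. The port number 4000, the helper name describe_ipv4 and the rule shown in the comment are assumptions for illustration.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>

/* Assumed port; pair with a rule such as
 *   ipfw add <rule-number> divert 4000 ip from any to any
 * placed where the deny rule used to be. */
#define DIVERT_PORT 4000

/* Summarise a raw IPv4 packet as "src -> dst proto P bytes N"; -1 if malformed. */
int describe_ipv4(const uint8_t *p, size_t n, char *out, size_t outlen)
{
    if (n < 20 || (p[0] >> 4) != 4) return -1;      /* too short or not IPv4 */
    size_t ihl = (size_t)(p[0] & 0x0f) * 4;          /* header length in bytes */
    if (ihl < 20 || ihl > n) return -1;
    char src[INET_ADDRSTRLEN], dst[INET_ADDRSTRLEN];
    if (!inet_ntop(AF_INET, p + 12, src, sizeof src) ||
        !inet_ntop(AF_INET, p + 16, dst, sizeof dst)) return -1;
    snprintf(out, outlen, "%s -> %s proto %u bytes %zu", src, dst, (unsigned)p[9], n);
    return 0;
}

int main(void)
{
#ifdef IPPROTO_DIVERT   /* defined on FreeBSD; elsewhere main() does nothing */
    int s = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT);
    struct sockaddr_in sin = {0};
    sin.sin_family = AF_INET;
    sin.sin_port = htons(DIVERT_PORT);
    if (s < 0 || bind(s, (struct sockaddr *)&sin, sizeof sin) < 0) {
        perror("divert socket");
        return 1;
    }
    static uint8_t pkt[65535];
    char line[128];
    for (;;) {
        ssize_t n = recv(s, pkt, sizeof pkt, 0);
        if (n < 0) break;
        /* The packet is never written back to the socket, so it is dropped. */
        if (describe_ipv4(pkt, (size_t)n, line, sizeof line) == 0)
            puts(line);
    }
    close(s);
#endif
    return 0;
}
```

The full packet contents are in pkt after each recv, so the same loop can write them to a file instead of printing a one-line summary.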
