From owner-freebsd-security  Wed Sep  3 01:43:11 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id BAA00319
          for security-outgoing; Wed, 3 Sep 1997 01:43:11 -0700 (PDT)
Received: from paranoid.convey.ru (ws03.convey.ru [195.182.128.18])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id BAA00275;
          Wed, 3 Sep 1997 01:42:57 -0700 (PDT)
Received: (from ark@localhost) by paranoid.convey.ru (8.7.5/8.7.3) id MAA14571; Wed, 3 Sep 2036 12:40:10 +0400
From: ArkanoiD <ark@paranoid.convey.ru>
Message-Id: <203609030840.MAA14571@paranoid.convey.ru>
Subject: log connection attempts?
To: firewalls@greatcircle.com
Date: Wed, 3 Sep 136 12:40:07 +0400 (MSD)
Cc: freebsd-security@freebsd.org, freebsd-hackers@freebsd.org
X-Mailer: ELM [version 2.4 PL25]
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

nuqneH,

Did anyone try to patch the kernel to log connection attempts for ports
(tcp and maybe udp) where no program accepts connection? (2.1.7)

I _know_ i can do nearly the same with IP filtering/logging but i
prefer another way..


-- 
                                       _     _  _  _  _      _  _
   {::} {::} {::}  CU in Hell          _| o |_ | | _|| |   / _||_|   |_ |_ |_
   (##) (##) (##)        /Arkan#iD    |_  o  _||_| _||_| /   _|  | o |_||_||_|
   [||] [||] [||]            Do i believe in Bible? Hell,man,i've seen one!