Date: Thu, 01 Sep 2005 11:10:45 -0400 From: Chuck Swiger <cswiger@mac.com> To: Dark Star <dead_line@hotmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Limiting closed port Message-ID: <431719F5.3050201@mac.com> In-Reply-To: <BAY20-F293FDFDBA0654AFB8BCE3A9AA00@phx.gbl> References: <BAY20-F293FDFDBA0654AFB8BCE3A9AA00@phx.gbl>
next in thread | previous in thread | raw e-mail | index | archive | help
Dark Star wrote: > /kernel: Limiting closed port RST response from 243 to 200 packets per > second > /kernel: Limiting closed port RST response from 222 to 200 packets per > second > /kernel: Limiting closed port RST response from 238 to 200 packets per > second > > I think its sometype of scan or attack. It's almost certainly a portscan. Per se, that's not an attack, but if someone follows up trying to exploit open services, it would be. > My server has a range of ips, I'm not sure what is this? how to > protect it? IPFW will prevent this? Yes, IPFW, PF, or another firewall can prevent this traffic. > how do i know, this attack to what IP excatly? Run "tcpdump -n". -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?431719F5.3050201>