Date: Thu, 11 Jul 2002 12:47:47 -0400 From: "Joe & Fhe Barbish" <barbish@a1poweruser.com> To: "John Newlin" <jnewlin@tsoft.com> Cc: "FBSDQ" <questions@FreeBSD.ORG> Subject: RE: Entry in /var/log/security Message-ID: <MIEPLLIBMLEEABPDBIEGMEDICFAA.barbish@a1poweruser.com> In-Reply-To: <000e01c218a7$97b016a0$0b01a8c0@hq.tensilica.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_0011_01C228D9.28D11300 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Looks like your isp DHCP server is sending generic DNS broadcast to your FBSD box. If you have an DSL or cable connection to your ISP you should allow this packet through your ipfw firewall. -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of John Newlin Sent: Thursday, June 20, 2002 4:35 PM To: freebsd-questions@freebsd.org Subject: Entry in /var/log/security I'm seeing a few of these in my security log: Jun 19 20:45:48 john /kernel: ipfw: 1300 Deny UDP 198.144.206.1:56238 255.255.255.255:53 in via de1 Any idea what this may be about. The source address is that of my default route. -John Newlin ------=_NextPart_000_0011_01C228D9.28D11300 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html xmlns:v=3D"urn:schemas-microsoft-com:vml" = xmlns:o=3D"urn:schemas-microsoft-com:office:office" = xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns=3D"http://www.w3.org/TR/REC-html40">; <head> <meta http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <meta name=3DProgId content=3DWord.Document> <meta name=3DGenerator content=3D"Microsoft Word 9"> <meta name=3DOriginator content=3D"Microsoft Word 9"> <link rel=3DFile-List href=3D"cid:filelist.xml@01C228D9.28AF8140"> <!--[if gte mso 9]><xml> <o:OfficeDocumentSettings> <o:DoNotRelyOnCSS/> </o:OfficeDocumentSettings> </xml><![endif]--><!--[if gte mso 9]><xml> <w:WordDocument> <w:Zoom>0</w:Zoom> <w:DocumentKind>DocumentEmail</w:DocumentKind> <w:EnvelopeVis/> </w:WordDocument> </xml><![endif]--> <style> <!-- /* Font Definitions */ @font-face {font-family:Tahoma; panose-1:2 11 6 4 3 5 4 4 2 4; mso-font-charset:0; mso-generic-font-family:swiss; mso-font-pitch:variable; mso-font-signature:16792199 0 0 0 65791 0;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {mso-style-parent:""; margin:0in; margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:12.0pt; font-family:"Times New Roman"; mso-fareast-font-family:"Times New Roman";} p.MsoAutoSig, li.MsoAutoSig, div.MsoAutoSig {margin:0in; margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:12.0pt; font-family:"Times New Roman"; mso-fareast-font-family:"Times New Roman";} span.EmailStyle15 {mso-style-type:personal-reply; mso-ansi-font-size:10.0pt; mso-ascii-font-family:Arial; mso-hansi-font-family:Arial; mso-bidi-font-family:Arial; color:navy;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.25in 1.0in 1.25in; mso-header-margin:.5in; mso-footer-margin:.5in; mso-paper-source:0;} div.Section1 {page:Section1;} --> </style> <!--[if gte mso 9]><xml> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1027"/> </xml><![endif]--><!--[if gte mso 9]><xml> <o:shapelayout v:ext=3D"edit"> <o:idmap v:ext=3D"edit" data=3D"1"/> </o:shapelayout></xml><![endif]--> </head> <body bgcolor=3Dwhite lang=3DEN-US style=3D'tab-interval:.5in'> <div class=3DSection1> <p class=3DMsoNormal><span class=3DEmailStyle15><font size=3D2 = color=3Dnavy face=3DArial><span style=3D'font-size:10.0pt;mso-bidi-font-size:12.0pt;font-family:Arial'>Lo= oks like your isp DHCP server is sending generic DNS broadcast to = <o:p></o:p></span></font></span></p> <p class=3DMsoNormal><span class=3DEmailStyle15><font size=3D2 = color=3Dnavy face=3DArial><span style=3D'font-size:10.0pt;mso-bidi-font-size:12.0pt;font-family:Arial'>yo= ur FBSD box. If you have an DSL or cable <span style=3D"mso-spacerun: = yes"> </span>connection to your ISP <o:p></o:p></span></font></span></p> <p class=3DMsoNormal><span class=3DEmailStyle15><font size=3D2 = color=3Dnavy face=3DArial><span style=3D'font-size:10.0pt;mso-bidi-font-size:12.0pt;font-family:Arial'>yo= u should allow this packet through your ipfw firewall. = <o:p></o:p></span></font></span></p> <p class=3DMsoNormal><span class=3DEmailStyle15><font size=3D2 = color=3Dnavy face=3DArial><span style=3D'font-size:10.0pt;mso-bidi-font-size:12.0pt;font-family:Arial'><!= [if = !supportEmptyParas]> <![endif]><o:p></o:p></span></font></span></p> <p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 = color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:Tahoma;color:black'>-----Original Message-----<br> <b><span style=3D'font-weight:bold'>From:</span></b> owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]<b><span = style=3D'font-weight:bold'>On Behalf Of </span></b>John Newlin<br> <b><span style=3D'font-weight:bold'>Sent:</span></b> Thursday, June 20, = 2002 4:35 PM<br> <b><span style=3D'font-weight:bold'>To:</span></b> = freebsd-questions@freebsd.org<br> <b><span style=3D'font-weight:bold'>Subject:</span></b> Entry in /var/log/security</span></font></p> <p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 = face=3D"Times New Roman"><span style=3D'font-size:12.0pt'><![if = !supportEmptyParas]> <![endif]><o:p></o:p></span></font></p> <p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 = color=3Dblack face=3DArial><span = style=3D'font-size:10.0pt;font-family:Arial;color:black'>I'm seeing a few of these in my security log:</span></font><font = color=3Dblack><span style=3D'color:black;mso-color-alt:windowtext'><o:p></o:p></span></font><= /p> <p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 = color=3Dblack face=3D"Times New Roman"><span = style=3D'font-size:12.0pt;color:black'> </span></font><font color=3Dblack><span = style=3D'color:black;mso-color-alt:windowtext'><o:p></o:p></span></font><= /p> <p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 = color=3Dblack face=3DArial><span = style=3D'font-size:10.0pt;font-family:Arial;color:black'>Jun 19 20:45:48 john /kernel: ipfw: 1300 Deny UDP 198.144.206.1:56238 255.255.255.255:53 in via de1</span></font><font color=3Dblack><span style=3D'color:black;mso-color-alt:windowtext'><o:p></o:p></span></font><= /p> <p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 = color=3Dblack face=3DArial><span = style=3D'font-size:10.0pt;font-family:Arial;color:black'>Any idea what this may be about. The source address is that of my = default route.</span></font><font color=3Dblack><span = style=3D'color:black;mso-color-alt: windowtext'><o:p></o:p></span></font></p> <p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 = color=3Dblack face=3D"Times New Roman"><span = style=3D'font-size:12.0pt;color:black'> </span></font><font color=3Dblack><span = style=3D'color:black;mso-color-alt:windowtext'><o:p></o:p></span></font><= /p> <p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 = color=3Dblack face=3DArial><span = style=3D'font-size:10.0pt;font-family:Arial;color:black'>-John Newlin</span></font><font color=3Dblack><span = style=3D'color:black;mso-color-alt: windowtext'><o:p></o:p></span></font></p> <p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 = color=3Dblack face=3D"Times New Roman"><span = style=3D'font-size:12.0pt;color:black'> </span></font><font color=3Dblack><span = style=3D'color:black;mso-color-alt:windowtext'><o:p></o:p></span></font><= /p> <p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 = color=3Dblack face=3D"Times New Roman"><span = style=3D'font-size:12.0pt;color:black'> </span></font><font color=3Dblack><span = style=3D'color:black;mso-color-alt:windowtext'><o:p></o:p></span></font><= /p> </div> </body> </html> ------=_NextPart_000_0011_01C228D9.28D11300-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MIEPLLIBMLEEABPDBIEGMEDICFAA.barbish>