From owner-freebsd-questions@FreeBSD.ORG Fri Jun 20 09:35:41 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E38D437B401 for ; Fri, 20 Jun 2003 09:35:41 -0700 (PDT) Received: from mail.munk.nu (213-152-51-194.dsl.eclipse.net.uk [213.152.51.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id 14D2143FB1 for ; Fri, 20 Jun 2003 09:35:41 -0700 (PDT) (envelope-from munk@mail.munk.nu) Received: from munk by mail.munk.nu with local (Exim 4.20) id 19TOrT-0005A1-EJ for freebsd-questions@FreeBSD.ORG; Fri, 20 Jun 2003 17:35:39 +0100 Date: Fri, 20 Jun 2003 17:35:39 +0100 From: Jez Hancock To: freebsd-questions@FreeBSD.ORG Message-ID: <20030620163539.GA17705@users.munk.nu> Mail-Followup-To: freebsd-questions@FreeBSD.ORG References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Sender: User Munk Subject: Re: Limiting closed port RST response X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jun 2003 16:35:42 -0000 On Fri, Jun 20, 2003 at 09:55:19AM +0100, Matthew Ryan wrote: > Could this be a DOS atttack? It could be, but more likely it's someone trying to determine what ports are open with a tool such as nmap. > Where do I find a more detailed log? Configure a firewall such as ipf and make sure you opt to log blocked packets. > I'm running FreeBSD 4.8 Release - the box is basically just a gateway > router running natd and dhcpd. ipf and ipnat run nicely together to provide a combination of nat and filtering - although if you already have nat running it's probably best just to configure a basic ipf firewall that allows just the traffic you want. Have a look here for more info on ipf: http://munk.nu/ipf/ My old rulesets for ipf are here: http://munk.nu/ipf/mboxen/ Regards, Jez