Date: Mon, 14 Apr 2003 13:31:27 +0200 From: GiZmen <gizmen@pals.one.pl> To: freebsd-security@FreeBSD.ORG Subject: strange connection attempts Message-ID: <20030414113127.GB3861@blurp.one.pl>
next in thread | raw e-mail | index | archive | help
hello, I have turned on sysctls variables: net.inet.tcp.log_in_vain: 1 net.inet.udp.log_in_vain: 1 And i have plenty of strange connection attempts on udp protocol Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53 Apr 13 23:56:53 pals /kernel: Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53 Connection attempt to UDP xx.xx.x.xxx:12545 from 192.42.93.36:53 Apr 13 23:56:54 pals /kernel: Connection attempt to UDP xx.xx..xxx:12545 from 192.42.93.36:53 Connection attempt to UDP xx.xx.x.xxx:44308 from 192.42.93.36:53 i know that those connections are from dns but why kernel logs such thing. I have statufull firewall and all trafic to any port on UDP protocol are deny and only those UDP datagrams from my resolver are passed back through dynamics rules. These connections are caused by returned queruies from dns servers. Is it normal to have such type connection attempts ? Can anybody help me solve my problem. -- Best Regards: GiZmen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030414113127.GB3861>