From owner-freebsd-security Thu Sep 27 7:33:18 2001 Delivered-To: freebsd-security@freebsd.org Received: from mirage.secna.ru (mirage.secna.ru [212.192.0.20]) by hub.freebsd.org (Postfix) with ESMTP id 96E4337B442 for ; Thu, 27 Sep 2001 07:33:01 -0700 (PDT) Received: from agtu.secna.ru (agtu.secna.ru [212.192.0.25]) by mirage.secna.ru (8.9.1/8.9.1-secna) with ESMTP id VAA00305; Thu, 27 Sep 2001 21:32:56 +0700 (NOVST) Received: from spider.secna.ru (spider.secna.ru [212.192.26.98]) by agtu.secna.ru (8.8.8/Relcom-2A) with ESMTP id VAA29661 ;Thu, 27 Sep 2001 21:30:40 +0700 (NSD) Message-ID: <3BB346AF.1F97B954@agtu.secna.ru> Date: Thu, 27 Sep 2001 21:33:03 +0600 From: "Denis P. Kravar" X-Mailer: Mozilla 4.7 [en] (WinNT; I) X-Accept-Language: ru,en MIME-Version: 1.0 To: freebsd-security@FreeBSD.ORG Subject: Re: flood attacks References: <20010927133334.15056.qmail@lazir.toya.net.pl> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Try sysctl -w net.inet.tcp.log_in_vain=1; sysctl -w net.inet.udp.log_in_vain=1 > It will provide you with logging attemted connections to your box. It's only show trying connects on unlistened ports. Your need sysctl -w net.inet.ip.fw.logging=1 or firewall_logging="YES" in rc.local (or in rc.default) -- With best regards Denis Kravar. E-mail: Denis_Kravar@agtu.secna.ru ICQ: 15561179 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message