From owner-freebsd-stable Tue Oct 9 16:37:38 2001 Delivered-To: freebsd-stable@freebsd.org Received: from web20907.mail.yahoo.com (web20907.mail.yahoo.com [216.136.226.229]) by hub.freebsd.org (Postfix) with SMTP id 487C637B407 for ; Tue, 9 Oct 2001 16:37:30 -0700 (PDT) Message-ID: <20011009233730.11902.qmail@web20907.mail.yahoo.com> Received: from [209.8.72.253] by web20907.mail.yahoo.com via HTTP; Tue, 09 Oct 2001 16:37:30 PDT Date: Tue, 9 Oct 2001 16:37:30 -0700 (PDT) From: Randy Lee Subject: ipfw - DoS ? To: questions@freebsd.org Cc: freebsd-security@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Oct 9 12:00:02 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 202.228.131.2:3072 Oct 9 12:00:02 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 202.105.10.73:3072 Oct 9 12:00:02 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 209.114.222.105:3072 Oct 9 12:00:03 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 209.215.254.43:3072 Oct 9 12:00:04 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 209.10.122.24:1024 Oct 9 12:00:04 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 216.79.11.124:3072 Oct 9 12:00:04 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 216.248.242.59:1024 Oct 9 12:00:05 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 202.253.21.75:3072 Oct 9 12:00:06 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 202.204.219.111:1024 Oct 9 12:00:08 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 202.173.45.46:3072 Oct 9 12:00:08 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 209.245.158.51:3072 Oct 9 12:00:10 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 209.5.171.39:1024 Oct 9 12:00:11 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 216.163.72.16:1024 Oct 9 12:00:11 MY /kernel: Connection attempt to TCP 216.8.77.2:0 from 216.138.54.79:3072 Is someone is DoS'ing my server ? How can i deny all connection from port :3072 and :1024 using ipfw ? Any Idea is appreciated. __________________________________________________ Do You Yahoo!? Make a great connection at Yahoo! Personals. http://personals.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message