From owner-freebsd-hackers Thu Sep 4 06:14:11 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id GAA26560 for hackers-outgoing; Thu, 4 Sep 1997 06:14:11 -0700 (PDT) Received: from paranoid.convey.ru (ws03.convey.ru [195.182.128.18]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id GAA26553; Thu, 4 Sep 1997 06:14:02 -0700 (PDT) Received: (from ark@localhost) by paranoid.convey.ru (8.7.5/8.7.3) id QAA00831; Thu, 4 Sep 1997 16:17:51 +0400 From: ArkanoiD Message-Id: <199709041217.QAA00831@paranoid.convey.ru> Subject: Re: log connection attempts? To: phk@critter.freebsd.dk (Poul-Henning Kamp) Date: Thu, 4 Sep 1997 16:17:51 +0400 (MSD) Cc: firewalls@greatcircle.com, freebsd-security@freebsd.org, freebsd-hackers@freebsd.org In-Reply-To: <4926.873280349@critter.freebsd.dk> from "Poul-Henning Kamp" at Sep 3, 97 11:52:29 am X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit Sender: owner-freebsd-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk nuqneH, > > In message <203609030840.MAA14571@paranoid.convey.ru>, ArkanoiD writes: > >nuqneH, > > > >Did anyone try to patch the kernel to log connection attempts for ports > >(tcp and maybe udp) where no program accepts connection? (2.1.7) > > Set these two sysctl variables to non-zero: > net.inet.tcp.log_in_vain: 0 > net.inet.udp.log_in_vain: 0 > fourth level name log_in_vain in net.inet.tcp.log_in_vain is invalid ..and i don't remember smth like that when browsing the sources. -- _ _ _ _ _ _ _ {::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_ (##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_| [||] [||] [||] Do i believe in Bible? Hell,man,i've seen one!