Date: 23 Sep 1999 14:14:00 -0400 From: Chris Shenton <cshenton@uucom.com> To: Matthew Hunt <mph@astro.caltech.edu> Cc: freebsd-net@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: Inetd -l: log *all* connection attempts (not just valid svcs) Message-ID: <lfln9xh4wn.fsf@Samizdat.uucom.com> In-Reply-To: Matthew Hunt's message of "Thu, 23 Sep 1999 08:11:53 -0700" References: <lfr9jpis9s.fsf_-_@Samizdat.uucom.com> <19990923081153.B668@wopr.caltech.edu>
index | next in thread | previous in thread | raw e-mail
On Thu, 23 Sep 1999 08:11:53 -0700, Matthew Hunt <mph@astro.caltech.edu> said: Matthew> To log connections to ports with nothing listening, set Matthew> "log_in_vain" to "YES" in /etc/rc.conf if it's in there, or Matthew> do "sysctl -w net.inet.tcp.log_in_vain=1" as root. That's exactly what I was looking for, thanks! As to the name of the variable... you guys are the zaniest :-) (When did this variable appear?) PS: Anthony Di Pietro <anthony@dino.omen.com.au> suggested "clog" in ports, which I tried. It does a nice job of reporting all connections on the LAN segment, not just rejected ones nor just ones to the local machine. Nice tool for seeing what's on your LAN. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?lfln9xh4wn.fsf>