Date: Tue, 12 Feb 2008 13:56:10 +0100 From: Pietro Cerutti <gahr@gahr.ch> To: "Aryeh M. Friedman" <aryeh.friedman@gmail.com> Cc: freebsd-current@freebsd.org Subject: Re: does this error message mean anything bad? Message-ID: <47B1976A.3090705@gahr.ch> In-Reply-To: <47B195EF.9060603@gmail.com> References: <47B195EF.9060603@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigA80D9044DD1DBAE320BC9311 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Aryeh M. Friedman wrote: > Limiting closed port RST response from 266 to 200 packets/second. In the average case, someone is doing a portscan against you. In the worst case, they're trying to do a DOS attack. I suggest that you set the following sysctl variables net.inet.tcp.blackhole=3D2 net.inet.udp.blackhole=3D1 and that you read the man page for blackhole(4). P.S. this would better fit on freebsd-questions@ --=20 Pietro Cerutti PGP Public Key: http://gahr.ch/pgp --------------enigA80D9044DD1DBAE320BC9311 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (FreeBSD) iEYEAREKAAYFAkexl28ACgkQwMJqmJVx947xXwCfZqxuON1l5c09Bv4siARBfsak bjEAoNtUDhz1Fsi9aqt4LXoXsxu0fETL =2ODR -----END PGP SIGNATURE----- --------------enigA80D9044DD1DBAE320BC9311--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47B1976A.3090705>