Date: Fri, 5 Sep 1997 23:31:03 +0800 From: Ng Pheng Siong <ngps@post1.com> To: ArkanoiD <ark@paranoid.convey.ru> Cc: firewalls@greatcircle.com, freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: log connection attempts? Message-ID: <19970905233103.64953@dyn.ml.org> In-Reply-To: <203609030840.MAA14571@paranoid.convey.ru>; from ArkanoiD on Wed, Sep 03, 2036 at 12:40:07PM %2B0400 References: <203609030840.MAA14571@paranoid.convey.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sep 3, ArkanoiD wrote: > Did anyone try to patch the kernel to log connection attempts for ports > (tcp and maybe udp) where no program accepts connection? (2.1.7) About 2 years ago, some one from Oz did just that. Asking the search engines... Altavista... results totally irrelevant. (Seems that it is run by the Internic whois people these days. ;) Infoseek... hmmm, ip masquerade... Lycos... got it! First entry, too: http://minnie.cs.adfa.oz.au/Seminars/AUUG96/netpaper.html Off-hand I wonder if in-kernel logging might undo measures like syn-flood proofing, etc., and introduce DOS possibilities. BTW, read today that CMU is being awarded a patent for Lycos-related technology. -- Ng Pheng Siong <ngps@post1.com>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970905233103.64953>