From owner-freebsd-security@FreeBSD.ORG Fri Jan 9 06:30:31 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A982616A50E for ; Fri, 9 Jan 2004 06:30:31 -0800 (PST) Received: from ns.tern.ru (mail.tern.ru [195.210.170.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9F9A943D31 for ; Fri, 9 Jan 2004 06:30:22 -0800 (PST) (envelope-from tech@tern.ru) Received: from mail.tern.ru (mail.tern.ru [192.168.1.140]) by ns.tern.ru (X/X) with ESMTP id i09ES0Yj043372 for ; Fri, 9 Jan 2004 17:28:00 +0300 X-Spam-Filter: check_local@ns.tern.ru by digitalanswers.org Received: from mail.tern.ru (localhost.tern.ru [127.0.0.1]) by mail.tern.ru (X/X) with ESMTP id i09EX609086461 for ; Fri, 9 Jan 2004 17:33:06 +0300 (MSK) Received: (from root@localhost) by mail.tern.ru (X/X) id i09EX6aq086460 for freebsd-security@freebsd.org.VIRCHECK; Fri, 9 Jan 2004 17:33:06 +0300 (MSK) Received: from snork.tern.ru (snork.tern.ru [192.168.1.133]) by mail.tern.ru (X/X) with ESMTP id i09EX509086452 for ; Fri, 9 Jan 2004 17:33:05 +0300 (MSK) Resent-Date: Fri, 9 Jan 2004 17:33:05 +0300 (MSK) Resent-Message-Id: <200401091433.i09EX509086452@mail.tern.ru> Date: Fri, 9 Jan 2004 17:32:20 +0300 From: freebsd@tern.ru Organization: Tern X-Priority: 3 (Normal) Message-ID: <1775511953.20040109173220@tern.ru> To: freebsd-security@freebsd.org Resent-From: Alexandre Krasnov MIME-Version: 1.0 Content-Type: text/plain; charset=Windows-1251 Content-Transfer-Encoding: 8bit Subject: Problem with DNS (UDP) queries X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Alexandre Krasnov List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Jan 2004 14:30:31 -0000 Hi all I am trying to get rid of strings: kernel: Connection attempt to UDP FREEBSD_IP:port from DNSSERVER_IP:53 on my console and in log file I understand that those are replies on DNS queries that for some reason took too long time to be answered. I do not want to turn off the "log in vain" feature. As these strings fill up my log I am afraid to miss some sensitive messages (e.g. hacker's attack :) I'm using FreeBSD 5.1 with ipfw2 that allows via static rules both DNS queries and DNS replies. The main application that generates queries is sendmail. What can be done? I've found a lot of similar questions at google but there was no a single answer. I'd be happy, for example, to increase the FreeBSD resolver timeout but I do not want to change any source code. Thank you for your attention. Alex -- С уважением, Александр Краснов Руководитель отдела технической поддержки Компании Терн Тел.: +7 (095) 235-0920/0954/0851, 234-9885 Факс: +7 (095) 235-3381 www.tern.ru