The log-in-vain MIB is an poor mans version of an firewall. When you enable IPFW or IPFILTER this MIB and the other network security MIB's become meaningless, as the firewall gets access to the packets before anything else and drops all packets arriving on ports without any application listening on the port as technically invalid. This subject has been posted to the questions list this week. See subject thread 'network security sysctl mib's'
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Norman Walek Sent: Thursday, December 04, 2003 10:53 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Connection attempt to TCP messages in /var/log/messages edit /etc/syslog.conf appropriately kernel.debug for said example >Nov 25 03:09:56 asia /kernel: Connection attempt to TCP 202.79.180.131:80 njw "Mohsin Rahman" <[EMAIL PROTECTED]> wrote in message news:<[EMAIL PROTECTED]> ... >sysctl -w net.inet.tcp.log_in_vain=1 >sysctl -w net.inet.udp.log_in_vain=1 > >turns em on and > >sysctl -w net.inet.tcp.log_in_vain=0 >sysctl -w net.inet.udp.log_in_vain=0 > >turns them off. Hope this helps. > >Anyone know how to add a time/date to this log entry and which file to >modify? > >-- >Mohsin Rahman >[EMAIL PROTECTED] > > >----- Original Message ----- From: "Kent Stewart" <[EMAIL PROTECTED]> >To: "Spades" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> >Sent: Monday, November 24, 2003 2:28 PM >Subject: Re: Connection attempt to TCP messages in /var/log/messages > > > > On Monday 24 November 2003 11:11 am, Spades wrote: > > > I did a tail -f /var/log/messages and got all these.. > > > > > > previously before my cvs and recompile kernel to 4.9 stable > > > it didn't have below.. now it does.. > > > > > > Nov 25 03:09:56 asia /kernel: Connection attempt to TCP > 202.79.180.131:80 > > > from 65.217.41.66:1681 > > > Nov 25 03:09:58 asia /kernel: Connection attempt to TCP > 202.79.180.130:80 > > > from 24.136.234.77:4059 > > > > > > question.. how to stop seeing them in /var/log/messages? > > > > > > > Buy a hardware firewall that you place in front of your computer. You > probably > > have a log option in your firewall and someone is trying to connect to > your > > web server. You could turn off logging but I like to know who is trying >to > > connect to my systems. This is especially true when I am not running a > > service and they are probing to find out if I am. > > > > Kent > > > > -- > Kent Stewart > > Richland, WA > > > > http://users.owt.com/kstewart/index.html > > > > _______________________________________________ > > [EMAIL PROTECTED] mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > > > > > >_______________________________________________ >[EMAIL PROTECTED] mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to >"[EMAIL PROTECTED]" _________________________________________________________________ Tired of slow downloads and busy signals? Get a high-speed Internet connection! Comparison-shop your local high-speed providers here. https://broadband.msn.com _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
