strange connection attempts

• Previous message: Nickolay A. Kritsky: "(OT) rfc1948 question"
• Next in thread: dawnshade: "Re: strange connection attempts"
• Reply: dawnshade: "Re: strange connection attempts"
• Reply: Guy P.: "Re: strange connection attempts"
• Reply: Sêrêciya Kurdistanî: "Re: strange connection attempts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 14 Apr 2003 13:31:27 +0200
From: GiZmen <gizmen@pals.one.pl>
To: freebsd-security@FreeBSD.ORG

hello,

I have turned on sysctls variables:
net.inet.tcp.log_in_vain: 1
net.inet.udp.log_in_vain: 1

And i have plenty of strange connection attempts on udp protocol

 Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53
 Apr 13 23:56:53 pals /kernel: Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53
 Connection attempt to UDP xx.xx.x.xxx:12545 from 192.42.93.36:53
 Apr 13 23:56:54 pals /kernel: Connection attempt to UDP xx.xx..xxx:12545 from 192.42.93.36:53
 Connection attempt to UDP xx.xx.x.xxx:44308 from 192.42.93.36:53

i know that those connections are from dns but why kernel logs such thing.
I have statufull firewall and all trafic to any port on UDP protocol are deny and
only those UDP datagrams from my resolver are passed back through dynamics rules.
These connections are caused by returned queruies from dns servers.
Is it normal to have such type connection attempts ?

Can anybody help me solve my problem.

-- 
Best Regards:
		GiZmen
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Nickolay A. Kritsky: "(OT) rfc1948 question"
• Next in thread: dawnshade: "Re: strange connection attempts"
• Reply: dawnshade: "Re: strange connection attempts"
• Reply: Guy P.: "Re: strange connection attempts"
• Reply: Sêrêciya Kurdistanî: "Re: strange connection attempts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: strange connection attempts ... G> And i have plenty of strange connection attempts on udp protocol ... G> These connections are caused by returned queruies from dns servers. ... (FreeBSD-Security) Re: strange connection attempts ... >And i have plenty of strange connection attempts on udp protocol ... >I have statufull firewall and all trafic to any port on UDP protocol are ... >only those UDP datagrams from my resolver are passed back through dynamics ... (FreeBSD-Security) Re: weird packets.. anyone? ... See below for how I handle this on my cable connection. ... The second appears to be a broadcast NetBIOS-NS request from a DHCP ... I simply drop all tcp and udp>134 <140 and ignore them. ... spoof UDP traffic through your packet filters. ... (FreeBSD-Security) Re: UDP connection over GPRS/3G fails when Wifi is ON ... a UDP server over the GPRS/3G network (I downloaded a free ... This works when the Wifi is OFF. ... there is an active WIFI connection to the web. ... The GPRS connection stops when there is active WiFi connection? ... (microsoft.public.pocketpc.developer) Re: Internet connection through PC ... You can craft your code to force your UDP traffic through a connection other ... You need to bind your socket to the IP of your GPRS adapter. ... > while keeping the eVC4 debug capability alive. ... (microsoft.public.dotnet.framework.compactframework)