Kernel log output meaning
From: Illia Baidakov (illich_at_newchem.ru)
Date: 02/11/04
- Previous message: Mike Tancsa: "Longest known unpatched FreeBSD security issue ?"
- Next in thread: Dag-Erling Smørgrav: "Re: Kernel log output meaning"
- Reply: Dag-Erling Smørgrav: "Re: Kernel log output meaning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 11 Feb 2004 11:49:38 +0300 To: freebsd-security@freebsd.org
Hello security,
This output I've received from conventional cron daily job:
[...]
gw.nbh.ru kernel log messages:
> Limiting closed port RST response from 201 to 200 packets per second
[...]
where fxp0 is an external interface.
What could involve such a messages?
In /var/log/messages the above strings was prepended by string:
Feb 10 13:24:29 gw /kernel: ipfw: limit 100 reached on entry 10800
current ipfw #10800 entry says:
10800 1204 52976 deny log logamount 100 ip from any to 172.16.0.0/12 via fxp0
/var/log/security at this time shows many strings looking like this:
Feb 10 13:24:29 gw /kernel: ipfw: 10800 Deny TCP 11.22.33.44:1376 172.29.249.249:7 out via fxp0
11.22.33.44 is my fxp0 iface address.
I do not think I have tried to initiate such a connections purposely.
Possibly by playing whith spamassassin?..
Remember, I had failed attempt to download its source from its website
somewhere at that time. (The second downloading attempt has
successed.)
-- Thanks in advance, Illia Baidakov. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Mike Tancsa: "Longest known unpatched FreeBSD security issue ?"
- Next in thread: Dag-Erling Smørgrav: "Re: Kernel log output meaning"
- Reply: Dag-Erling Smørgrav: "Re: Kernel log output meaning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
