Re: Security needed for basic home computer?

From: cothrige (cothrige_at_bellsouth.net)
Date: 11/18/03 

Date: Tue, 18 Nov 2003 15:08:12 -0600

Okay, here is a sample of what I have in my /var/log/messages (I have no
/var/log/kern.log) from the past few moments since I dialed.

Nov 18 14:53:38 localhost kernel: catch-all IN=ppp0 OUT= MAC=
SRC=209.215.101.134 DST=209.214.46.178 LEN=92
TOS=0x00 PREC=0x0
0 TTL=120 ID=62197 PROTO=ICMP TYPE=8 CODE=0 ID=768 SEQ=50115

Nov 18 14:53:51 localhost kernel: catch-all IN=ppp0 OUT= MAC=
SRC=209.214.143.136 DST=209.214.46.178 LEN=92 TOS=0x00
PREC=0x0
0 TTL=118 ID=58565 PROTO=ICMP TYPE=8 CODE=0 ID=768 SEQ=34094

Nov 18 14:53:55 localhost kernel: catch-all IN=ppp0 OUT= MAC=
SRC=209.216.147.134 DST=209.214.46.178 LEN=92 TOS=0x00
PREC=0x0
0 TTL=108 ID=32835 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=49253

Nov 18 14:54:03 localhost kernel: catch-all IN=ppp0 OUT= MAC=
SRC=209.214.17.149 DST=209.214.46.178 LEN=92 TOS=0x00
PREC=0x00
 TTL=118 ID=19906 PROTO=ICMP TYPE=8 CODE=0 ID=768 SEQ=38702

Nov 18 14:54:14 localhost kernel: catch-all IN=ppp0 OUT= MAC=
SRC=209.215.136.198 DST=209.214.46.178 LEN=92 TOS=0x00
PREC=0x0
0 TTL=117 ID=62349 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=24283

Nov 18 14:54:24 localhost kernel: catch-all IN=ppp0 OUT= MAC=
SRC=209.214.44.169 DST=209.214.46.178 LEN=92 TOS=0x00
PREC=0x00
 TTL=122 ID=20011 PROTO=ICMP TYPE=8 CODE=0 ID=768 SEQ=33838

I am sure that there have been more sinc I copied this out, and there
were certainly others earlier. If you think they would be helpful let me
know and I will send those along. At first glance they all seem similar
with IN=ppp0 OUT= MAC= etc. The SRC= seem to vary somewhat as you can
see. If I may, what exactly does this represent?

Also, I did some searching on the actual fact of it posting out to the
console and saw a plethora of options given by people. One was to edit
the syslog.conf to change the /dev/console to /dev/tty10 or such.
However, I was concerned with changing where my kernal posted things
which I may actually really need to know. But, I had to be rid of the
logging on the console in order to do anything, as this stuff came
through fast at times. Another suggestion was changing the log level of
the actual script, but this went a little over my head. For the time
being I have used "dmesg -n 1" which rids me of it until I reboot. Do
you have any thoughts on the best way to approach the actual logging in
order to allow usage of the screen?

Thanks,

cothrige

Relevant Pages

  • Re: Disappearing files, created from /etc/X11/Xclients
    ... Please include freebsd-questions on any replies. ... Also there is no console because this is the /etcX11/Xclients script, e.g. it is executed by gdm after logging in to X window system through xdmpc. ... If that fails, then try opening the file in the home directory of the user who you are testing as. ...
    (freebsd-questions)
  • Iptables and logging to the console
    ... How can I stop Iptables logging to the console? ... # Kernel sysctl configuration file for Red Hat Linux ... # Controls source route verification ...
    (Fedora)
  • Re: ptwilliams?
    ... > reset a secure channel password using RDP!! ... > logging into the console and getting a 'command completed successfully' ... > message, when I tried to open AD tools through Terminal Servcies, I get ...
    (microsoft.public.win2000.active_directory)
  • Re: [kde-linux] [Bulk] Konsole Immunity Lost
    ... I really do not want them as they make the console almost unusable. ... So how do I get rid of them? ... You can see what your system is currently set at with (as root): ... Does not explain why I never got them before in konsole/yakuake. ...
    (KDE)
  • Re: Turn Debian into a Desktop-System what to do
    ... I wished to get rid of ... > Every damn service pointing to scheduled tasks got uninstalled, ... > really covering the entire logging infra structure or are some ...
    (Debian-User)