log_in_vain="YES"
fbsd_user
fbsd_user at a1poweruser.com
Fri Jan 23 07:15:35 PST 2004
If this is happening while your system is connected to the public
internet then your system is under attack by somebody who is
spoofing ip address 127.0.0.1. Port 113 is the ident protocol.
There is no reason for the cron jobs to be doing that. You should
power off you system when not in use at least until you install an
firewall software solution.
You really need an firewall, and should use IPFILTER as it's
stateful keep-state rules function work correctly. FBSD's ipfw
stateful rules are broken when used with ipfw's divert/natd
function.
-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Didier
WIROTH
Sent: Friday, January 23, 2004 4:55 AM
To: freebsd-questions at freebsd.org
Subject: log_in_vain="YES"
When using log_in_vain="YES" I get a lot of console message of these
types:
Jan 21 03:01:12 ultimate kernel: Connection attempt to TCP
127.0.0.1:113
from 127.0.0.1:49188 flags:0x02
Jan 21 03:01:12 ultimate kernel: Connection attempt to TCP
127.0.0.1:113
from 127.0.0.1:49190 flags:0x02
Jan 21 03:01:12 ultimate kernel: Connection attempt to UDP
127.0.0.1:512
from 127.0.0.1:49286
Jan 21 03:01:12 ultimate kernel: Connection attempt to UDP
127.0.0.1:512
from 127.0.0.1:49287
I assume the above entries happen when the cron jobs, auth and
sendmail
tries to send the daily reports.
What does log_in_vain actually do/work? Is it possible to tell
log_in_vain
to ignore connections form localhost to localhost?
Many thanks
Didier
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list