Limiting closed port

Chuck Swiger cswiger at mac.com
Thu Sep 1 08:10:46 PDT 2005


Dark Star wrote:
>   /kernel: Limiting closed port RST response from 243 to 200 packets per 
> second
>   /kernel: Limiting closed port RST response from 222 to 200 packets per 
> second
>   /kernel: Limiting closed port RST response from 238 to 200 packets per 
> second
> 
>   I think its sometype of scan or attack.

It's almost certainly a portscan.  Per se, that's not an attack, but if someone 
follows up trying to exploit open services, it would be.

>   My server has a range of ips, I'm not sure what is this? how to 
> protect it? IPFW will prevent this?

Yes, IPFW, PF, or another firewall can prevent this traffic.

>   how do i know, this attack to what IP excatly?

Run "tcpdump -n".

-- 
-Chuck



More information about the freebsd-questions mailing list