strange connection attempts
GiZmen
gizmen at pals.one.pl
Mon Apr 14 04:31:07 PDT 2003
hello,
I have turned on sysctls variables:
net.inet.tcp.log_in_vain: 1
net.inet.udp.log_in_vain: 1
And i have plenty of strange connection attempts on udp protocol
Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53
Apr 13 23:56:53 pals /kernel: Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53
Connection attempt to UDP xx.xx.x.xxx:12545 from 192.42.93.36:53
Apr 13 23:56:54 pals /kernel: Connection attempt to UDP xx.xx..xxx:12545 from 192.42.93.36:53
Connection attempt to UDP xx.xx.x.xxx:44308 from 192.42.93.36:53
i know that those connections are from dns but why kernel logs such thing.
I have statufull firewall and all trafic to any port on UDP protocol are deny and
only those UDP datagrams from my resolver are passed back through dynamics rules.
These connections are caused by returned queruies from dns servers.
Is it normal to have such type connection attempts ?
Can anybody help me solve my problem.
--
Best Regards:
GiZmen
More information about the freebsd-security
mailing list