strange connection attempts
=?unknown-8bit?Q?S=EAr=EAciya_Kurdistan=EE?=
sereciya at kurdistan.ath.cx
Mon Apr 14 08:15:21 PDT 2003
Hello,
> And i have plenty of strange connection attempts on udp protocol
>
> Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53
> Apr 13 23:56:53 pals /kernel: Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53
> Connection attempt to UDP xx.xx.x.xxx:12545 from 192.42.93.36:53
> Apr 13 23:56:54 pals /kernel: Connection attempt to UDP xx.xx..xxx:12545 from 192.42.93.36:53
> Connection attempt to UDP xx.xx.x.xxx:44308 from 192.42.93.36:53
>
> i know that those connections are from dns but why kernel logs such thing.
> I have statufull firewall and all trafic to any port on UDP protocol are deny and
> only those UDP datagrams from my resolver are passed back through dynamics rules.
Which is your ip address? the "xxx" or the 192.42.93.36?
If you're address is the "xxx" then you're fine. DNS often uses the udp
protocol.
However, if it's the other way around and your address is 192.42...
then, it means that the upstream DNS server is trying to get updates from
you.
Are you running a DNS server yourself?
--$êrêciya Kurdistanî
+--------------------------------------------------------------+
| Welat xwe ava nake, dest bidin hevdu, pist nedin tu dijminî |
| Riya azadiyê ne hêsan e, hêviya xwe bernedin, dema me |
| nêzîk e. |
| |
| Hevaltî bi kesên du rû nekin, hevaltî bi hevdu ra bikin |
| Ne ji hevaltiya wan kesên pêxwas û rû dirêj, ne bi wan |
| kesên xwînperest, ne jî ji yên din. |
| |
| -$êrêciya Kurdistanî |
+--------------------------------------------------------------+
translation provided on request: sereciya at kurdistan.ath.cx
More information about the freebsd-security
mailing list