does this error message mean anything bad?

Pietro Cerutti gahr at gahr.ch
Tue Feb 12 12:56:23 UTC 2008


Aryeh M. Friedman wrote:
> Limiting closed port RST response from 266 to 200 packets/second.

In the average case, someone is doing a portscan against you. In the
worst case, they're trying to do a DOS attack.

I suggest that you set the following sysctl variables

net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1

and that you read the man page for blackhole(4).

P.S. this would better fit on freebsd-questions@

-- 
Pietro Cerutti

PGP Public Key:
http://gahr.ch/pgp

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20080212/2517272a/signature.pgp


More information about the freebsd-current mailing list