Kernel Log Message

Steven Howe showe at metrocastcablevision.com
Fri Feb 25 14:19:15 GMT 2005 

Your machine is getting hit with a lot of SYN packets, and sending RST 
packets in return (lots of them)

this is usually dude to a portscan, but may be different in your situation.
To stop it, add the following lines to /etc/sysctl.conf

net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1




Regards,

stevenrh

Cody Holland wrote:

>I keep getting the following kernel log messages in my daily security
>run output.
>xxx.xxx.xxx.xxx kernel log messages:
>  
>
>>Limiting closed port RST response from 283 to 200 packets/sec Limiting
>>    
>>
>
>  
>
>>closed port RST response from 283 to 200 packets/sec Limiting closed 
>>port RST response from 235 to 200 packets/sec Limiting closed port RST
>>    
>>
>
>  
>
>>response from 256 to 200 packets/sec Limiting closed port RST response
>>    
>>
>
>  
>
>>from 275 to 200 packets/sec Limiting closed port RST response from 256
>>    
>>
>
>  
>
>>to 200 packets/sec Limiting closed port RST response from 284 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 254 to 200 
>>packets/sec Limiting closed port RST response from 277 to 200 
>>packets/sec Limiting closed port RST response from 254 to 200 
>>packets/sec Limiting closed port RST response from 286 to 200 
>>packets/sec Limiting closed port RST response from 254 to 200 
>>packets/sec Limiting closed port RST response from 221 to 200 
>>packets/sec Limiting closed port RST response from 263 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 264 to 200 
>>packets/sec Limiting closed port RST response from 234 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 256 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 254 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 254 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 276 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 257 to 200 
>>packets/sec Limiting closed port RST response from 254 to 200 
>>packets/sec Limiting closed port RST response from 236 to 200 
>>packets/sec Limiting closed port RST response from 234 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 260 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 254 to 200 
>>packets/sec Limiting closed port RST response from 234 to 200 
>>packets/sec Limiting closed port RST response from 257 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 235 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 238 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 256 to 200 
>>packets/sec Limiting closed port RST response from 263 to 200 
>>packets/sec Limiting closed port RST response from 286 to 200 
>>packets/sec Limiting closed port RST response from 256 to 200 
>>packets/sec Limiting closed port RST response from 284 to 200 
>>packets/sec Limiting closed port RST response from 265 to 200 
>>packets/sec Limiting closed port RST response from 256 to 200 
>>packets/sec Limiting closed port RST response from 275 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 234 to 200 
>>packets/sec Limiting closed port RST response from 260 to 200 
>>packets/sec Limiting closed port RST response from 285 to 200 
>>packets/sec Limiting closed port RST response from 254 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 276 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 286 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 275 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 288 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 256 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 240 to 200 
>>packets/sec Limiting closed port RST response from 264 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 257 to 200 
>>packets/sec Limiting closed port RST response from 284 to 200 
>>packets/sec Limiting closed port RST response from 236 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 263 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 276 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 234 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 285 to 200 
>>packets/sec Limiting closed port RST response from 257 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 254 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 263 to 200 
>>packets/sec Limiting closed port RST response from 284 to 200 
>>packets/sec Limiting closed port RST response from 220 to 200 
>>packets/sec Limiting closed port RST response from 234 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 234 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 236 to 200 
>>packets/sec Limiting closed port RST response from 247 to 200 
>>packets/sec Limiting closed port RST response from 259 to 200 
>>packets/sec Limiting closed port RST response from 272 to 200 
>>packets/sec Limiting closed port RST response from 287 to 200 
>>packets/sec Limiting closed port RST response from 256 to 200 
>>packets/sec Limiting closed port RST response from 276 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 275 to 200 
>>packets/sec Limiting closed port RST response from 235 to 200 
>>packets/sec Limiting closed port RST response from 266 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 234 to 200 
>>packets/sec Limiting closed port RST response from 263 to 200 
>>packets/sec Limiting closed port RST response from 276 to 200 
>>packets/sec Limiting closed port RST response from 234 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 257 to 200 
>>packets/sec Limiting closed port RST response from 241 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 234 to 200 
>>packets/sec Limiting closed port RST response from 276 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 266 to 200 
>>packets/sec Limiting closed port RST response from 283 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 268 to 200 
>>packets/sec Limiting closed port RST response from 287 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 276 to 200 
>>packets/sec Limiting closed port RST response from 236 to 200 
>>packets/sec Limiting closed port RST response from 255 to 200 
>>packets/sec Limiting closed port RST response from 253 to 200 
>>packets/sec Limiting closed port RST response from 275 to 200 
>>packets/sec Limiting closed port RST response from 236 to 200 
>>packets/sec Limiting closed port RST response from 285 to 200 
>>packets/sec Limiting closed port RST response from 240 to 200 
>>packets/sec Limiting closed port RST response from 279 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 226 to 200 
>>packets/sec Limiting closed port RST response from 263 to 200 
>>packets/sec Limiting closed port RST response from 284 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 262 to 200 
>>packets/sec Limiting closed port RST response from 286 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 233 to 200 
>>packets/sec Limiting closed port RST response from 284 to 200 
>>packets/sec
>>    
>>
>
>Is this what it is supposed to show?
>
>Cody
>_______________________________________________
>freebsd-questions at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
>
>  
>

More information about the freebsd-questions mailing list