Displaying 10 results from an estimated 10 matches for "log_in_vain".
2004 Jan 09
1
Problem with DNS (UDP) queries
Hi all
I am trying to get rid of strings:
kernel: Connection attempt to UDP FREEBSD_IP:port from DNSSERVER_IP:53
on my console and in log file
I understand that those are replies on DNS queries that for some reason
took too long time to be answered.
I do not want to turn off the "log in vain" feature.
As these strings fill up my log I am afraid to miss some sensitive
messages (e.g.
2004 Apr 17
7
Is log_in_vain really good or really bad?
Heya..
Yesterday someone "attacked" by box by connection to several ports.. In
other words, a simple portscan.. yet, since my box has "log_in_vain"
enabled, so it tries to log everything to /var/log/messages, since the
logfile got full and the size went over 100K, it tried to rotate the log
to save diskspace.
(Apr 16 21:00:00 omikron newsyslog[32137]: logfile turned over due to
size>100K)
My server box is a Intel Celeron 733Mhz, 384...
2003 Apr 14
3
strange connection attempts
hello,
I have turned on sysctls variables:
net.inet.tcp.log_in_vain: 1
net.inet.udp.log_in_vain: 1
And i have plenty of strange connection attempts on udp protocol
Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53
Apr 13 23:56:53 pals /kernel: Connection attempt to UDP xx.xx.x.xxx:55414 from 192.43.172.34:53...
2003 May 26
2
sshd doing dns queries on localhost?
...1.1.11.10.in-addr.arpa. (41)
13:23:21.120784 PUBLIC_IP.4526 > PUBLIC_IP.53: 52788+ PTR?
11.1.11.10.in-addr.arpa. (41)
This is very weird because resolv.conf points to another server. Also,
the capture is from lo0.
Not that I see a security problem here (just the annoyance of this
filling my log_in_vain logs), but I'm curious about the reason; at least didn't
find any clue looking at source.
May 26 13:23:21 X /kernel: Connection attempt to UDP PUBLIC_IP:53 from PUBLIC_IP:4523
May 26 13:23:21 X /kernel: Connection attempt to UDP PUBLIC_IP:53 from PUBLIC_IP:4524
May 26 13:23:21 X /kernel: C...
2009 Dec 16
0
dhclient and pf/ipf/ipfw
Hi all.
I recently turned net.inet.udp.log_in_vain on on some of my boxen and
have been seeing UDP connection attempts to port 67 on the local host.
This initially seemed odd, as the target ip addres was indeed that of a
DHCP-configured interface and the source address was that of my DHCP
server. However, it turns out this is totally valid, as dhcl...
2003 Jun 12
1
NIC has IP, but has "no carrier"
....168.80 link#1 UC 1 0 vr0
192.168.80.100 link#1 UHLW 1 0 vr0
/etc/rc.conf contains the following lines, among others:
-----------------------------------------
hostname="blah.server.net"
tcp_extensions="NO"
log_in_vain="NO"
tcp_keepalive="NO"
network_interfaces="auto"
ifconfig_lo0="inet 127.0.0.1"
ifconfig_vr0="inet 192.168.80.222 netmask 255.255.255.0"
defaultrouter="192.168.80.100"
gateway_enable="NO"
I also tried adding " media auto&qu...
2004 Feb 13
3
SYN Attacks - how i cant stop it
Hi,
I got this error when i tried to type for some of those.
"sysctl: unknown oid...." any idea..
my server seems to be very lagged, where else
the network connection seems fine, i think BSD
itself as my other redhat box is fine.
What else can i do to get optimum protection.
Thanks.
----- Original Message -----
From: "Per Engelbrecht" <per@xterm.dk>
To:
2009 Jan 26
2
FreeBSD-7.1STABLE w/BIND-9.4.3-P1 start problem
...;
defaultrouter="122.254.1x.x"
keymap="us.iso"
moused_enable="YES"
moused_flags="-3"
moused_port="/dev/psm0"
moused_type="auto"
saver="logo"
sshd_enable="YES"
usbd_enable="YES"
sendmail_enable="NONE"
log_in_vain="YES"
named_enable="YES"
#named_flags="-u bind -t /etc/namedb/sandbox -c named.conf -d 9"
named_flags="-c named.conf"
#syslogd_flags="-ss -l /etc/namedb/sandbox/dev/log"
#named_pidfile="/var/named/run/named/pid" # Must set this in named.co...
2003 Nov 03
3
(long) high traffic syslog server.
...eudo-ttys (telnet etc)
pseudo-device md # Memory "disks"
pseudo-device bpf #Berkeley packet filter
same random stuff from /etc/sysctl.conf
net.inet.udp.recvspace=84160
net.inet.tcp.blackhole=1
net.inet.udp.blackhole=1
net.inet.icmp.log_redirect=1
net.inet.tcp.log_in_vain=1
Is this too much info btw?
I just wanted to make sure i didn't get a, not enough info
reply, sorry if this was too much.
2006 Apr 12
1
powerd not behaving with an Asus A8V-MX and Athlon 64 X2 3800+
...init: 75000
net.inet.tcp.delacktime: 100
net.inet.tcp.v6mssdflt: 1024
net.inet.tcp.hostcache.cachelimit: 15360
net.inet.tcp.hostcache.hashsize: 512
net.inet.tcp.hostcache.bucketlimit: 30
net.inet.tcp.hostcache.count: 0
net.inet.tcp.hostcache.expire: 3600
net.inet.tcp.hostcache.purge: 0
net.inet.tcp.log_in_vain: 0
net.inet.tcp.blackhole: 0
net.inet.tcp.delayed_ack: 1
net.inet.tcp.rfc3042: 1
net.inet.tcp.rfc3390: 1
net.inet.tcp.insecure_rst: 0
net.inet.tcp.reass.maxsegments: 1600
net.inet.tcp.reass.cursegments: 0
net.inet.tcp.reass.maxqlen: 48
net.inet.tcp.reass.overflows: 0
net.inet.tcp.path_mtu_discovery...