From owner-freebsd-questions Wed Jun 20 18:34:34 2001
Date: Wed, 20 Jun 2001 21:38:19 -0400 (EDT)
From: "Jonathan M. Slivko"
To: Ling Ling
Subject: Re: Syslog server questions

Have you checked what is running on port 48937? It could be a trojan of
some sort, I don't know. I would suggest checking into that possibility.
BTW, 4.3-STABLE is out :). HTH,

-- Jonathan

---------------------------------------------------------
| Jonathan M. Slivko    | e-mail: jslivko@jmslivko.org  |
| Technical Support     | Black Lotus Communications    |
| Server Administrator  | AsylumNet IRC Networks        |
| phone: (212) 726-3516 | web: http://www.jmslivko.org  |
| NIC Handle: JSR730    | FreeBSD - The Power to Serve  |
---------------------------------------------------------
PGP key is available @ http://www.jmslivko.org/jslivko.asc

On Thu, 21 Jun 2001, Ling Ling wrote:

> Hi,
>
> I am configuring my FreeBSD 4.2-REL as the syslogd server in my local LAN, to collect messages from Cisco router, RedHat 7.1, and Solaris 8 server. As usual, I redirect all my syslog messages to the FreeBSD machine. Things went fine with the RedHat machine, but Cisco router and Solaris gave some error messages as follows:
>
> cvthname(202.1.2.3)
> validate: dgram from IP 202.1.2.3, port 48937, name abc.com;
> rejected in rule 0 due to port mismatch.
> rejected in rule 1 due to port mismatch.
>
> Syslogd command:
> ---------------------------
> # syslogd -a 202.1.2.3 -a 202.1.2.4
>
> which 202.1.2.3 is a Solaris 8 machine and 202.1.2.4 is a cisco router.
>
> I don't have any idea in this because I do not have a firewall installed in that machine.
>
> I appreciate a lot in advance for those who will help me ..
>
> Regards,
> Chan
>
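
Added example (not part of the original message, and not FreeBSD's syslogd source): a simplified, IPv4-only Python model of how syslogd's -a allowed_peer rules are matched, following the syslogd(8) description that the service defaults to "syslog" (UDP 514), that a service of "*" allows any source port, and that an omitted masklen falls back to the historic classful default. The function names and every log string other than the "port mismatch" line quoted above are assumptions of this sketch.

```python
import ipaddress

SYSLOG_PORT = 514  # UDP port of the "syslog" service, the default service for -a


def parse_allowed_peer(spec):
    """Parse 'ipaddr[/masklen][:service]' into (network, port); port None means '*'."""
    addr, _, service = spec.partition(":")
    if service in ("", "syslog"):
        port = SYSLOG_PORT
    elif service == "*":
        port = None             # any UDP source port is accepted
    else:
        port = int(service)     # this model handles numeric services only
    ip, _, masklen = addr.partition("/")
    if not masklen:
        first = int(ip.split(".")[0])
        # Classful default: class A -> /8, class B -> /16, otherwise /24
        masklen = "8" if first < 128 else "16" if first < 192 else "24"
    return ipaddress.ip_network(f"{ip}/{masklen}", strict=False), port


def validate(src_ip, src_port, rules):
    """Check one datagram against the rules in order; return (accepted, log)."""
    log = []
    for i, (net, port) in enumerate(rules):
        if ipaddress.ip_address(src_ip) not in net:
            log.append(f"rejected in rule {i} due to IP mismatch.")    # assumed wording
        elif port is not None and port != src_port:
            log.append(f"rejected in rule {i} due to port mismatch.")  # as quoted above
        else:
            log.append(f"accepted in rule {i}.")                       # assumed wording
            return True, log
    return False, log


if __name__ == "__main__":
    # The datagram from the quoted debug output, tried against two rule sets:
    # the command line as posted, then the same peers with ':*' appended.
    for specs in (["202.1.2.3", "202.1.2.4"], ["202.1.2.3:*", "202.1.2.4:*"]):
        rules = [parse_allowed_peer(s) for s in specs]
        ok, log = validate("202.1.2.3", 48937, rules)
        print(" ".join(f"-a '{s}'" for s in specs), "->", "accepted" if ok else "rejected")
        for line in log:
            print("   ", line)
```

In this model both rules report a port mismatch rather than an IP mismatch because each bare address expands to 202.1.2.0/24 with port 514. A ":*" rule drops the source-port check entirely, so the address part should stay as narrow as possible, for example an explicit /32.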