Date: Fri, 26 Jan 2001 13:40:34 -0600 From: Dave McKay <dave@mu.org> To: "Roberto Samarone Araujo (RSA)" <sama@supridad.com.br> Cc: freebsd-security@FreeBSD.ORG Subject: Re: ICMP attacks Message-ID: <20010126134034.A90752@elvis.mu.org> In-Reply-To: <003601c0878c$2ec00040$3cfdf2c8@nirvana>; from sama@supridad.com.br on Fri, Jan 26, 2001 at 08:36:10AM -0300 References: <NEBBIEGPMLMKDBMMICFNOEHBECAA.mit@mitayai.net> <003601c0878c$2ec00040$3cfdf2c8@nirvana>
next in thread | previous in thread | raw e-mail | index | archive | help
Roberto Samarone Araujo (RSA) (sama@supridad.com.br) wrote: > > > icmp-response bandwidth limit 261/200 pps > > > icmp-response bandwidth limit 268/200 pps > > > icmp-response bandwidth limit 205/200 pps > > > icmp-response bandwidth limit 223/200 pps > > Hi, > > Sometimes, when someone is trying to do a port scan, this > message appear so, if you want to know who is trying to make a port scan to > your FreeBSD box you can use the PortsEntry, it will log the ports scan. > You can compile it from the ports collection. This is almost surely nmap working its magic on your box, locally. That is not alot of ICMP you are getting, even for a dialup, it seems you, or one of your users is port scanning. -- Dave McKay dave@mu.org Microsoft Global Network Architect To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010126134034.A90752>