Date: Sun, 15 May 2005 05:15:36 -0600 From: Ed Stover <estover@nativenerds.com> To: "Colin J. Raven" <colin@kenmore.kozy-kabin.nl> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Strange kernel messages Message-ID: <42872F58.3010802@nativenerds.com> In-Reply-To: <20050514090844.Q9329@kenmore.kozy-kabin.nl> References: <20050514090844.Q9329@kenmore.kozy-kabin.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
Colin J. Raven wrote: > Hi all! > I occasionally get these in my daily security run output (which is > worrying in itself) > > Limiting closed port RST response from 1629 to 200 packets per second > > the number of these can range from one or two, to sometimes 25 - 30 > although the latter case is rarer. Usually there's about six or so. > These don't arrive every day, usually about once per week on average. You get those when someone nmaps you. What I do aside from FreeBSD's builtin anti-DOS stuff is; 1. Blackholeing 2.portsentry (it is kinda a honey pot but has some pretty neat features) > > Is this an OS response to an attempted attack, limiting potential DDOS > damage? yes it is. How heavily loaded is your server? >That's how I'm reading it, but of course I'm guessing. If that > *is* so, what mechanism is doing this? Others have answered this question allready ;) > > FreeBSD 4.11 STABLE > > Regards & TIA > -Colin > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42872F58.3010802>