From owner-freebsd-questions@FreeBSD.ORG  Sat May 14 07:14:25 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BA58B16A4CE
	for <freebsd-questions@freebsd.org>;
	Sat, 14 May 2005 07:14:25 +0000 (GMT)
Received: from t-x.dignus.nl (t-x.dignus.nl [83.219.88.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4D9FA43D77
	for <freebsd-questions@freebsd.org>;
	Sat, 14 May 2005 07:14:25 +0000 (GMT)
	(envelope-from colin@kenmore.kozy-kabin.nl)
Received: from localhost (localhost.dignus.nl [127.0.0.1])
	by t-x.dignus.nl (Safehouse) with ESMTP id AC4CD1A6AB
	for <freebsd-questions@freebsd.org>;
	Sat, 14 May 2005 09:14:21 +0200 (CEST)
Received: from kenmore.kozy-kabin.nl (colin-home [62.251.72.148])
	by t-x.dignus.nl (Safehouse) with ESMTP id DC6201A6AA
	for <freebsd-questions@freebsd.org>;
	Sat, 14 May 2005 09:14:20 +0200 (CEST)
Received: from kenmore.kozy-kabin.nl (localhost.kozy-kabin.nl [127.0.0.1])
	by kenmore.kozy-kabin.nl (Postfix) with ESMTP id ED8D36330
	for <freebsd-questions@freebsd.org>;
	Sat, 14 May 2005 09:14:20 +0200 (CEST)
Received: from localhost (colin@localhost)j4E7EKqd047299
	for <freebsd-questions@freebsd.org>;
	Sat, 14 May 2005 09:14:20 +0200 (CEST)
	(envelope-from colin@kenmore.kozy-kabin.nl)
Date: Sat, 14 May 2005 09:14:20 +0200
From: "Colin J. Raven" <colin@kenmore.kozy-kabin.nl>
To: FreeBSD Questions <freebsd-questions@freebsd.org>
Message-ID: <20050514090844.Q9329@kenmore.kozy-kabin.nl>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Virus-Scanned: by RemSPAMd at ph230.plushosting.nl
Subject: Strange kernel messages
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 14 May 2005 07:14:25 -0000

Hi all!
I occasionally get these in my daily security run output (which is 
worrying in itself)

Limiting closed port RST response from 1629 to 200 packets per second

the number of these can range from one or two, to sometimes 25 - 30 
although the latter case is rarer. Usually there's about six or so. 
These don't arrive every day, usually about once per week on average.

Is this an OS response to an attempted attack, limiting potential DDOS 
damage? That's how I'm reading it, but of course I'm guessing. If that 
*is* so, what mechanism is doing this?

FreeBSD 4.11 STABLE

Regards & TIA
-Colin