Date: Thu, 18 Mar 1999 15:04:42 -0800 From: "Steven Alexander" <steve@cell2000.net> To: <alphen@craxx.com> Cc: <freebsd-security@freebsd.org> Subject: Re: unknown connection attempts from localhost Message-ID: <000801be7193$b5bf58e0$1502110a@matrice>
next in thread | raw e-mail | index | archive | help
It isn't sending UDP packets to random ports. Your logs are showing that a host was looked up from UDP port 1645/1739 and that yoru DNS replied to them. The 'connection attempt' is used for a lack of a better term. As UDP is connectionless, the replies from the DNS server show up as connection attempts. This is standard behavior when using net.inet.*.log_in_vain=1 -steven >We see those too: > >> [snip] Connection attempt to UDP 127.0.0.1:1645 from 127.0.0.1:53 >> [snip] Connection attempt to UDP 127.0.0.1:1739 from 127.0.0.1:53 > >That's bind for sure, dunno why it's sending UDP packets to random >1024 >ports. Note that the 'connection attempt' is misleading: UDP is >connectionless. > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000801be7193$b5bf58e0$1502110a>