From owner-freebsd-hackers Wed Sep 3 23:00:54 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id XAA07887 for hackers-outgoing; Wed, 3 Sep 1997 23:00:54 -0700 (PDT) Received: from ot.stpn.soft.net (freebie.opentech.stpn.soft.net [204.143.126.74]) by hub.freebsd.org (8.8.7/8.8.7) with SMTP id XAA07875; Wed, 3 Sep 1997 23:00:39 -0700 (PDT) Received: from andes (andes.opentech.stpn.soft.net [204.143.126.66]) by ot.stpn.soft.net (8.6.12/8.6.12) with ESMTP id LAA11479; Thu, 4 Sep 1997 11:33:43 +0530 Message-ID: <340EE174.C45D396F@opentech.stpn.soft.net> Date: Thu, 04 Sep 1997 11:27:33 -0500 From: Prashant Dongre Reply-To: pdongre@opentech.stpn.soft.net X-Mailer: Mozilla 4.01 [en] (WinNT; I) MIME-Version: 1.0 To: ArkanoiD CC: firewalls@greatcircle.com, freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: log connection attempts? X-Priority: 3 (Normal) References: <203609030840.MAA14571@paranoid.convey.ru> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk ArkanoiD wrote: > nuqneH, > > Did anyone try to patch the kernel to log connection attempts for ports > (tcp and maybe udp) where no program accepts connection? (2.1.7) > > I _know_ i can do nearly the same with IP filtering/logging but i > prefer another way.. > > -- > _ _ _ _ _ _ _ > {::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_ > (##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_| > > [||] [||] [||] Do i believe in Bible? Hell,man,i've seen one! Have you configured kernel for IPFW (IP Firewall) ?. IPFW does log connection attempts for the ports which are blocked for a network. Messages get into /var/log/messages and also displayed on the console. Prashant