Date: Thu, 23 Sep 1999 08:11:53 -0700 From: Matthew Hunt <mph@astro.caltech.edu> To: Chris Shenton <cshenton@uucom.com> Cc: freebsd-net@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: Inetd -l: log *all* connection attempts (not just valid svcs) Message-ID: <19990923081153.B668@wopr.caltech.edu> In-Reply-To: <lfr9jpis9s.fsf_-_@Samizdat.uucom.com>; from Chris Shenton on Thu, Sep 23, 1999 at 11:03:59AM -0400 References: <lfr9jpis9s.fsf_-_@Samizdat.uucom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Sep 23, 1999 at 11:03:59AM -0400, Chris Shenton wrote: > I'd like a way to log *all* network connection attempts, especially > attempts to services which aren't defined. This would allow me to spot > people scanning my host (where only a few services are enabled). To log connections to ports with nothing listening, set "log_in_vain" to "YES" in /etc/rc.conf if it's in there, or do "sysctl -w net.inet.tcp.log_in_vain=1" as root. This is handled by the kernel, not inetd, because as you said, inetd is not aware of connections attempts to ports it's not listening to. -- Matthew Hunt <mph@astro.caltech.edu> * UNIX is a lever for the http://www.pobox.com/~mph/ * intellect. -J.R. Mashey To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990923081153.B668>