Date: Sun, 24 Oct 1999 18:48:38 -0500 From: "Mr Magoo" <mrmagoo@shotblast.com> To: <security@FreeBSD.ORG> Subject: RE: kernel patch to detect port scan, without turning on ports... Message-ID: <NDBBIDLEKDLILPNDNAEJIEKLCAAA.mrmagoo@shotblast.com> In-Reply-To: <199910240556.PAA55113@atdot.dotat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
How would you go about making these messages go into a syslogd file? I've
never really understood howto put things into a log file with it.
BTW- can you do that same thing for ICMP's?
--
A.G. Russell IV wrote:
> Sorry if this is redundant,
> I'm looking for the kernel patch to allow detection of a port scan
without
> turning on each of the ports.
Execute the following
sysctl -w net.inet.tcp.log_in_vain=1
sysctl -w net.inet.udp.log_in_vain=1
You'll get a console log message whenever someone tries to reach a
port which isn't listening.
- mark
--------------------------------------------------------------------
I tried an internal modem, newton@atdot.dotat.org
but it hurt when I walked. Mark Newton
----- Voice: +61-4-1620-2223 ------------- Fax: +61-8-82231777 -----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NDBBIDLEKDLILPNDNAEJIEKLCAAA.mrmagoo>