Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 30 Dec 2003 19:13:48 +0300
From:      "Marwan Sultan" <Admin@kifco.net>
To:        "FreeBSD questions List" <freebsd-questions@freebsd.org>
Subject:   Prevent Port scaning
Message-ID:  <20031230160934.M41350@kifco.net>

Next in thread | Raw E-Mail | Index | Archive | Help

Hello Subscribers..

 Happy new year for all,

 My /var/log/messages  and /var/log/dmesg.today
 Is full of the following lines:

Limiting open port RST response from 332 to 200 packets per second
Limiting open port RST response from 212 to 200 packets per second
Limiting open port RST response from 204 to 200 packets per second

/kernel: Limiting open port RST response from 335 to 200 packets per second
/kernel: Limiting open port RST response from 250 to 200 packets per second
/kernel: Limiting open port RST response from 248 to 200 packets per second

Which means someone scanning my ports. (correct me if im wrong)

My question is:
How to prevent this? I asumed that I should put the IP in deny list.
But where is the IP?
I cannot find any IP in my logs that it shows who is doing the scan.
or trying to hack..or whatever,
Anyone can advise please?
Since once in past i post my server real IP on this list,
and this scanning didnot stop.

--
Marwan Sultan



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20031230160934.M41350>