On Tue, Dec 13, 2016 at 11:19:18AM -0500, Michael Butler wrote: > On 12/13/16 11:15, Gary Palmer wrote: > > On Tue, Dec 13, 2016 at 10:43:27AM -0500, Michael Butler wrote: > >> On 12/13/16 10:29, Dimitry Andric wrote: > >> > >>> Somebody is most likely port scanning your machines. I see this all the > >>> time on boxes connected to the internet. > >> > >> As are mine. I wouldn't mind so much if the message contained sufficient > >> useful information that could be acted on, e.g. originating IP address > >> and, when appropriate, destination port. > > > > sysctl net.inet.tcp.log_in_vain=1 > > sysctl net.inet.udp.log_in_vain=1 > > > > be prepared for a lot of logs if you are being port scanned > > Or, apparently, have a windoze box on that segment :-( Windows client boxes at least do a lot of broadcasts, but in my experience they don't trigger log_in_vain (maybe they will if you have promisc network interfaces enabled). Not sure about servers as I don't have any at home. GaryReceived on Tue Dec 13 2016 - 16:25:02 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:09 UTC