Subject: Re: Getting rid of messages to console
To: Grant Stockly <gussie@stockly.com>
From: Steve Woodford <steve@mctavish.co.uk>
List: netbsd-users
Date: 12/04/1999 11:58:12
On Fri, 3 Dec 1999, Grant Stockly wrote:
> I'm getting tons of console messages on my NetBSD boxes. There is a person
> sending out mass port scans to the computers on the cable modem I'm a part
> of.
>
> I tried changing the entry in syslog.conf from /dev/console to
> /var/log/consolelog (I created a file for it) and it still outputs messages
> to the console.
The "quick-n-dirty" fix for this is to edit /etc/rc.conf and change the
inetd_flags and portmap_flags entries from "-l" to simply "".
However, from your description of the cause (possible port scans on your
cable-modem segment), I *STRONGLY* recommend leaving these flags alone and
setting up ipfilter instead to stop these possibly malicious packets
getting through.
Check /usr/share/examples/ipf for hints on how to set up ipfilter.
Cheers, Steve