http://qa.mandrakesoft.com/show_bug.cgi?id=748
------- Additional Comments From [EMAIL PROTECTED] 2003-03-07 11:52 ------- Mar 7 11:40:56 spirit msec: ### Program is starting ### Mar 7 11:40:56 spirit msec: Reading local rules from /etc/security/msec/level.local Mar 7 11:40:56 spirit msec: Forbidding the X server to listen to tcp connection Mar 7 11:40:56 spirit msec: Allowing chkconfig --add from rpm Mar 7 11:40:57 spirit msec: Setting password maximum aging for new user to 180 Mar 7 11:40:57 spirit msec: Setting password maximum aging for root and users with id greater than 500 to 180 and delay to 10 days Mar 7 11:40:57 spirit msec: User root in password aging exception list Mar 7 11:40:57 spirit msec: User pascal in password aging exception list Mar 7 11:40:57 spirit msec: Allowing reboot to the console user Mar 7 11:40:57 spirit msec: Writing config files and then taking needed actions Mar 7 11:40:57 spirit msec: Fixing owners and permissions of files and directories Mar 7 11:40:57 spirit msec: Reading data from /usr/share/msec/perm.3 Mar 7 11:40:57 spirit msec: Reading data from /etc/security/msec/perm.local Mar 7 11:41:00 spirit CROND[4112]: (root) CMD ( /usr/share/msec/promisc_check.sh) Mar 7 11:42:00 spirit CROND[4128]: (root) CMD ( /usr/share/msec/promisc_check.sh) after setting bogus_gnagnagna to 1 and running msec : Mar 7 11:42:04 spirit msec: ### Program is starting ### Mar 7 11:42:04 spirit msec: Reading local rules from /etc/security/msec/level.local Mar 7 11:42:04 spirit msec: Forbidding the X server to listen to tcp connection Mar 7 11:42:04 spirit msec: Allowing chkconfig --add from rpm Mar 7 11:42:04 spirit msec: Setting password maximum aging for new user to 180 Mar 7 11:42:04 spirit msec: Setting password maximum aging for root and users with id greater than 500 to 180 and delay to 10 days Mar 7 11:42:04 spirit msec: User root in password aging exception list Mar 7 11:42:04 spirit msec: User pascal in password aging exception list Mar 7 11:42:04 spirit msec: Allowing reboot to the console user Mar 7 11:42:04 spirit msec: Writing config files and then taking needed actions Mar 7 11:42:04 spirit msec: Fixing owners and permissions of files and directories Mar 7 11:42:04 spirit msec: Reading data from /usr/share/msec/perm.3 Mar 7 11:42:04 spirit msec: Reading data from /etc/security/msec/perm.local content of sysctl.conf has not changed ! # cat /etc/sysctl.conf # Kernel sysctl configuration file for Mandrake Linux # # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and # sysctl.conf(5) for more details. # Controls IP packet forwarding net.ipv4.ip_forward = 0 # Disables IP dynaddr net.ipv4.ip_dynaddr = 0 # Disable ECN net.ipv4.tcp_ecn = 0 # Controls source route verification net.ipv4.conf.default.rp_filter = 1 # Controls the System Request debugging functionality of the kernel #kernel.sysrq = 0 # Controls whether core dumps will append the PID to the core filename. # Useful for debugging multi-threaded applications. kernel.core_uses_pid = 1 net.ipv4.icmp_ignore_bogus_error_responses=1 <<<<< BUG net.ipv4.conf.all.rp_filter=1 net.ipv4.icmp_echo_ignore_broadcasts=0 net.ipv4.icmp_echo_ignore_all=0 net.ipv4.conf.all.log_martians=1 kernel.sysrq=1 sys.dev.rtc.max-user-freq=1024 ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. ------- Reminder: ------- assigned_to: [EMAIL PROTECTED] status: UNCONFIRMED creation_date: description: Jan 7 07:00:21 spirit msec: Accepting bogus icmp error responses Jan 7 07:00:21 spirit msec: set variable net.ipv4.icmp_ignore_bogus_error_responses to 1 in /etc/sysctl.conf Shouldn't it be Ignoring bogus icmp error responses instead of 'Accepting ' ?? I noticed several msg like that in the syslog doing msec level 3 to 4
