Clutter in log files, bogus connections

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Clutter in log files, bogus connections

Hal Murray

I see a lot of clutter in log files from things like
  error:1408F10B:SSL routines:ssl3_get_record:wrong version number
I assume they are from bad guys probing for openings.

Is the error code returned by ERR_get_error() constant across releases?  Can I
compile magic constants like 1408F10B into my code?  If not, is there a
suggested approach?

Is there a list of well known attacks and their error codes?


--
These are my opinions.  I hate spam.



Reply | Threaded
Open this post in threaded view
|

Re: Clutter in log files, bogus connections

Kurt Roeckx
On Sat, Nov 23, 2019 at 04:42:50PM -0800, Hal Murray wrote:
>
> I see a lot of clutter in log files from things like
>   error:1408F10B:SSL routines:ssl3_get_record:wrong version number
> I assume they are from bad guys probing for openings.
>
> Is the error code returned by ERR_get_error() constant across releases?  Can I
> compile magic constants like 1408F10B into my code?  If not, is there a
> suggested approach?

Use ERR_GET_LIB(error) == ERR_LIB_SSL && ERR_GET_REASON(error) == SSL_R_WRONG_VERSION_NUMBER.


Kurt