SuSE Support Database

Title: No net access entries in the syslog files.

---

Mainpage ---- Searchform ---- History ---- Versions ---- Categories ---- Contents
Deutsch
---

No net access entries in the syslog files.

S.u.S.E. Linux 4.2 uses the syslog daemon version 1.3. In this version, the option -r has the opposite meaning to the previous ones. In the new version the option -r must be set, if the syslog messages by TCP/IP daemonsd should be protocoled.

Reason for this change:
Syslog messages by TCP/IP daemons, that are protocoled, enable by a selective access (e.g. finger) to increase the syslog files with messages. The partition, in which the syslog files are, can so overrun. This was used by some hackers, to bring a system into a crash.

If you nevertheless want to take the risk, then change in /sbin/init.d/syslog the line:

                /usr/sbin/syslogd
and add the option -r:
                /usr/sbin/syslogd -r

---

See also:

---

Keywords: SYSLOG, SYSLOGD, NET, NET ACCESS, SECURITY

---

Feedback welcome: Send Mail to werner@suse.de (Please give the following subject: SDB-syslog)

---

Mainpage ---- Searchform ---- History ---- Versions ---- Categories ---- Contents
Deutsch
---

SDB-syslog, Copyright SuSE GmbH, Nuremberg, Germany - Version:
Impressum - Last generated: 24. Feb 1999 15:27:34 by maddin with sdb_gen 1.00.0