Re: syslog/udp

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: John Hawkinson: "Re: syslog/udp"
• Previous message: Tim Newsham : "syslog/udp"
• Maybe in reply to: Tim Newsham : "syslog/udp"
• Next in thread: John Hawkinson: "Re: syslog/udp"

>   If you are running syslogd on your machine and you dont receive
> remote logging to that machine you should probably consider removing
> the remote function of the program.  Besides being another possible
> security risk a person may easily corrupt your audit logs though
> this port.  It is quite easy to send fake messages to the syslogd
> at any facility and level.  An easy way to fix this would probably
> be to change the line:
>     int nfds, readfds = FDMASK(funix) | inetm | klogm;

What exactly is the problem? How can we, who are without source code,
change this behavior?
------
Dave Hayes - Institutional Network & Communications - JPL/NASA - Pasadena CA
dave@elxr.jpl.nasa.gov       dave@jato.jpl.nasa.gov         ...usc!elroy!dxh

Truth (n.) - the most deadly weapon ever discovered by humanity. Capable
of destroying entire perceptual sets, cultures, and realities. Outlawed
by all governments everywhere. Possession is normally punishable by death.

• Next message: John Hawkinson: "Re: syslog/udp"
• Previous message: Tim Newsham : "syslog/udp"
• Maybe in reply to: Tim Newsham : "syslog/udp"
• Next in thread: John Hawkinson: "Re: syslog/udp"