Date: Sat, 22 Aug 1998 05:55:35 -0700 (PDT) From: "Timothy R. Platt" <tplatt@nethampton.com> To: security@FreeBSD.ORG Subject: Re: Scaring the bezeesus out of your system admin as a normal user: Message-ID: <v04003a02b20588b40c80@[204.141.112.245]> In-Reply-To: <Pine.BSF.3.96.980821183339.26762D-100000@Tyr.office.EFN.org> References: <199808211915.MAA18409@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Seems to me that if you specify -s, not only do you reject incoming packets, but you are prevented from sending packets to a remote logging machine as well. -a will cause syslog to accept packets from a remote machine which would be ignored by default. Tim >On Fri, 21 Aug 1998, Jon Hamilton wrote: >> >> That doesn't address remote logging, however. > >No, but I think this does help that. > > -s Operate in secure mode. Do not listen for log message from re- > mote machines. > >Of course, if you specify this you have no remote troubles at all. If you >specify this and -a you only have to deal with people spoofing udp datagrams >which is almost unavoidable unless you firewall incoming udp packets at your >border router. > > -ben@efn.org > >> >> Jon Hamilton >> hamilton@pobox.com > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v04003a02b20588b40c80>