Date: Fri, 19 Oct 2001 00:29:22 +0300 From: Giorgos Keramidas <charon@labs.gr> To: Mark Drayton <mark.drayton@izr.com> Cc: Hanno Liem <freebsd@dark4ce.com>, freebsd-questions@FreeBSD.ORG Subject: Re: Syslog questions Message-ID: <20011019002921.B9820@hades.hell.gr> In-Reply-To: <20011015221008.A36840@drex.staff.izr.com> References: <20011015135221.E48004@dark4ce.com> <20011015221008.A36840@drex.staff.izr.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Mark Drayton <mark.drayton@izr.com> wrote: > Hanno Liem (freebsd@dark4ce.com) wrote: > > I have a few questions regarding Syslog: > > > > 1. I know it is possible to send a syslog to a different machine; does > > this have any security implications? > > AFAIK the only security issues are DOS based. An attacker could send > enough log messages to a remote host to fill its disk/partition up. You > should only allow trusted clients to log to this remote machine by using > the -a flag to syslogd or a firewall such as ipfw. Or both methods of limiting access to syslogd's listening port. Adding more layers to your security model is always a nice idea. Just my $0.02 -giorgos To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011019002921.B9820>