[1368] in linux-security and linux-alert archive
[linux-security] Re: libc bugs (was Re: Distributions...)
???@ATHENA.MIT.EDU (Matt)
Sat Jan 4 11:44:49 1997
To: linux-security@tarsier.cv.nrao.edu
From: Matt <panzer@dhp.com>
Date: 2 Jan 1997 19:43:12 GMT
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
Marek Michalkiewicz <marekm@I17LINUXB.ISTS.PWR.WROC.PL> wrote:
: It seems that most of the RedHat 5.3.12 security patches are in the
: standard 5.4.17, except for the patch below. Also, there are more
: (different) fixes in 5.4.18 (check h_length against sizeof(sin_addr)
: in inet/rcmd.c and inet/rexec.c).
: + {
: + syslog(LOG_NOTICE|LOG_AUTH,
: + "Attempt to feed me an overlong A record. Probably a breakin attempt.");
: + host.h_length=4;
: + }
This came from the linux-server list. But reminded me of a something I
wanted to know about. Is there a standard for people to syslog possible
security violations? This would make it easier to find them in huge log
files with swatch or other monitoring tools.
[mod: Except for the LOG_AUTH "priority" field, probably not.... -- REW]
--
-Matt (panzer@dhp.com) -- DataHaven Project - http://www.dhp.com/
"That which can never be enforced should not be prohibited."