[650] in linux-security and linux-alert archive
Re: [linux-security] Summary re: syslogd spam
daemon@ATHENA.MIT.EDU (Cy Schubert - ITSD Open Systems Gr)
Tue Apr 2 18:07:43 1996
Resent-From: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
Resent-To: linux-security@tarsier.cv.nrao.edu
In-reply-to: Your message of "Thu, 28 Mar 96 15:03:31 EST."
<199603282003.PAA16255@tarsier.cv.nrao.edu>
Reply-to: cschuber@orca.gov.bc.ca
From: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>
To: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
cc: Olaf Kirch <okir@monad.swb.de>, linux-security@tarsier.cv.nrao.edu
Date: Tue, 02 Apr 96 07:10:09 -0800
[Mod: Quoting trimmed. --Jeff.]
> Just an FYI on this subject (since nobody has mentioned it yet)...Greg
> Wettstein's sysklogd v1.3--released late last month--has an internal
> disable for remote logging. From a beta release's README:
Many of these features, though nice to have, are redundant.
1. IP firewalling is already built into the kernel. All you need to do is
block port 514.
2. What if you want to allow some hosts to log to your server while disallowing
the reset of the Internet? There are two possible solutions. Either use IP
firewalling already built into the kernel or build a TCP/Wrapper interface into
sysklogd. Using the existing IP firewall code already in the kernel is cheaper
(less effort). (Why not enable the firewall code in the kernel by default?)
Regards, Phone: (604)389-3827
Cy Schubert OV/VM: BCSC02(CSCHUBER)
Open Systems Support BITNET: CSCHUBER@BCSC02.BITNET
ITSD Internet: cschuber@uumail.gov.bc.ca
cschuber@bcsc02.gov.bc.ca
"Quit spooling around, JES do it."
