[1576] in bugtraq
Re: syslog (WAS: chroot'ed environment?)
daemon@ATHENA.MIT.EDU (Tom Fitzgerald)
Fri Apr 21 22:11:06 1995
From: Tom Fitzgerald <fitz@wang.com>
To: bugtraq@fc.net
Date: Fri, 21 Apr 95 19:52:56 EDT
In-Reply-To: <199504210059.JAA09483@hibiya>; from "Marc Samama" at Apr 21, 95 9:59 am
> The only thing that bothers me is that I didnt want syslogd to listen on its
> UDP port, but i guess I will just check the address of the incoming packets
> against the loopback address. (Didn't try that yet, thougth.)
Packets can be made to show up on your ethernet port with 127.0.0.1 as the
source and destination.
Though I guess if you make sure that the packets have loopback for both
source and destination, and make sure that there are no source-routing
options, then either spoofed packets have from systems on the local LAN, or
your routers have been hacked.
--
Tom Fitzgerald 1-508-967-5278 Wang Labs, Lowell MA, USA fitz@wang.com
