[2648] in bugtraq
Re: syslogd
daemon@ATHENA.MIT.EDU (Nelson Escravana)
Mon Jun 3 04:47:22 1996
Date: Wed, 29 May 1996 02:49:18 GMT
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Nelson Escravana <l39915@alfa.ist.utl.pt>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
At 03:28 PM 5/28/96 -0400, you wrote:
>What solutions have people used to restrict which hosts can send stuff
>to their syslogd?
>
1) Install a Firewall in your network
2) The easy one!!! give the comand:
mknod /etc/whatever p
to create a named pipe, edit /etc/syslog.conf , quote every line out, and
cretate one:
*.* /etc/whatever
Then write a small program to:
1. Open the File.
2. Wait for input
3. Filter that input
4. Write what you want, on your LOG file.
5. get back to 2.
I ve something like that working, but everything is hardcoded...
This is not the BEST way to solve it... but it works, WARNING: launch your
program FIRST than
syslogd, or syslogd, will be killed, cuz there's no one reading the pipe!!
for an eg. give me a mail!
----------------------------------------------------------------------------
-------------------------------------------------------
Nelson Escravana - IST - Electronic Eng. Student l39915@alfa.ist.utl.pt
PGP Availabel on request.
I know not with what weapons World War III will be fought.
But World War IV wil be fought with sticks and stones.
A. E.
