Bugtraq mailing list archives
Re: syslog/udp
From: dave () elxr Jpl Nasa Gov (Dave Hayes)
Date: Tue, 22 Feb 1994 17:13:37 -0800
If you are running syslogd on your machine and you dont receive remote logging to that machine you should probably consider removing the remote function of the program. Besides being another possible security risk a person may easily corrupt your audit logs though this port. It is quite easy to send fake messages to the syslogd at any facility and level. An easy way to fix this would probably be to change the line: int nfds, readfds = FDMASK(funix) | inetm | klogm;
What exactly is the problem? How can we, who are without source code, change this behavior? ------ Dave Hayes - Institutional Network & Communications - JPL/NASA - Pasadena CA dave () elxr jpl nasa gov dave () jato jpl nasa gov ...usc!elroy!dxh Truth (n.) - the most deadly weapon ever discovered by humanity. Capable of destroying entire perceptual sets, cultures, and realities. Outlawed by all governments everywhere. Possession is normally punishable by death.
Current thread:
- syslog/udp Tim Newsham (Feb 20)
- <Possible follow-ups>
- Re: syslog/udp Dave Hayes (Feb 22)
- Re: syslog/udp John Hawkinson (Feb 23)
- Security problem in C news and INN Featherlace (Feb 23)
- Re: Security problem in C news and INN Casper Dik (Feb 24)
- Re: Security problem in C news and INN Perry E. Metzger (Feb 24)
- Re: syslog/udp John Hawkinson (Feb 23)
- Re: syslog/udp scott () santafe edu (Feb 23)
- Re: syslog/udp Tim Newsham (Feb 23)
- Re: syslog/udp Julian Assange (Feb 23)
- daemon() Jim Wright (Feb 24)
- Thanks! Dave Hayes (Feb 23)