From owner-freebsd-security  Fri Aug 29 13:06:35 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id NAA25326
          for security-outgoing; Fri, 29 Aug 1997 13:06:35 -0700 (PDT)
Received: from gvr.gvr.org (root@gvr.gvr.org [194.151.74.97])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id NAA25310;
          Fri, 29 Aug 1997 13:06:25 -0700 (PDT)
Received: (from guido@localhost)
	by gvr.gvr.org (8.8.6/8.8.5) id WAA14670;
	Fri, 29 Aug 1997 22:06:21 +0200 (MET DST)
From: Guido van Rooij <guido@gvr.org>
Message-Id: <199708292006.WAA14670@gvr.gvr.org>
Subject: Re: FW: syslogd fun (fwd)
In-Reply-To: <199708291933.MAA23443@hub.freebsd.org> from "Jonathan M. Bresler" at "Aug 29, 97 12:33:51 pm"
To: jmb@FreeBSD.ORG (Jonathan M. Bresler)
Date: Fri, 29 Aug 1997 22:06:21 +0200 (MET DST)
Cc: dave@jetcafe.org, freebsd-security@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL28 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Jonathan M. Bresler wrote:
> Dave Hayes wrote:
> > 
> > > filter syslog at your firewall.  falls under teh general rule:
> > > "unless you need it, filter it out" jmb
> > 
> > This is still -not- a guarantee of safety.
> 
> 	;))))
> 
> 	if you have people inside your security perimeter that are 
> 	a threat to your servers....you have a management problem,
> 	-not- a technical problem.

Fortunately, you can get around the management problem with technical
solutions ;-)

-Guido