From owner-freebsd-security Thu Jan 7 05:57:59 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA19197 for freebsd-security-outgoing; Thu, 7 Jan 1999 05:57:59 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from cheops.anu.edu.au (cheops.anu.edu.au [150.203.149.24]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA19192 for ; Thu, 7 Jan 1999 05:57:56 -0800 (PST) (envelope-from avalon@cheops.anu.edu.au) Received: (from avalon@localhost) by cheops.anu.edu.au (8.9.1/8.9.1) id AAA12004; Fri, 8 Jan 1999 00:55:56 +1100 (EDT) From: Darren Reed Message-Id: <199901071355.AAA12004@cheops.anu.edu.au> Subject: Re: kernel/syslogd hack To: vadim@tversu.ru (Vadim Kolontsov) Date: Fri, 8 Jan 1999 00:55:55 +1100 (EDT) Cc: Don.Lewis@tsc.tdk.com, freebsd-security@FreeBSD.ORG In-Reply-To: <19990107153615.A27741@tversu.ru> from "Vadim Kolontsov" at Jan 7, 99 03:36:15 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Just so I understand what you're doing, you're recording who sent the syslog message (and making the message longer) because you're concerned about users generating fake messages. Now as it stands, you don't want to stop them sending fake messages, you just want to know when they are being sent so you can distinguish real ones from fakes. Did I get that all right ? Btw, if you just wanted an enhanced configuration file, nsyslogd does filtering on IP#'s now. Darren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message