Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 28 Nov 2000 16:33:43 -0500
From:      trini0 <trini0@optonline.net>
To:        questions@freebsd.org
Subject:   syslog ?
Message-ID:  <3A2424B7.62F45E2@optonline.net>
next in thread | raw e-mail | index | archive | help 

[-- Attachment #1 --]
I came across a web site that tests network security.  I ran it on my
router running FBSD 4.2S w/ipfil 3.4.8.  Part of the results came back
saying that port 514 that syslog was using was insecure and they sent a
little message to the syslog daemon ==>

Nov 28 12:59:09 gw /kernel:    icmp-response bandwidth limit 225/200 pps

Nov 28 12:59:12 gw /kernel:    icmp-response bandwidth limit 236/200 pps

Nov 28 12:59:15 gw /kernel:    icmp-response bandwidth limit 228/200 pps

Nov 28 12:59:21 gw /kernel:    icmp-response bandwidth limit 201/200 pps

I checked out some man pages and came across running syslogd in secure
mode with the -s option.  Is this recommended, to make syslogd be more
secure?  What file would I put this option in?  (I didn't know where to
enable -s)  Or should I just block off port 514 coming in from the
internet on the firewall??
Thanks
trini0


--

         _____________________________
         |          trini0           |
         |                           |
     / ) | Systems Administrator     |
    / /  | Network Engineer          |
   ( (   | email ==>                 |
 (((\ \> |/ )  trini0@optonline.net  |
 (\\\\ \_/ /_________________________|
  \       /
   \    _/
   /   /
  /   /



[-- Attachment #2 --]
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
I came across a web site that tests network security.&nbsp; I ran it on
my router running FBSD 4.2S w/ipfil 3.4.8.&nbsp; Part of the results came
back saying that port 514 that syslog was using was insecure and they sent
a little message to the syslog daemon ==>
<p>Nov 28 12:59:09 gw /kernel:&nbsp;&nbsp;&nbsp; icmp-response bandwidth
limit 225/200 pps
<p>Nov 28 12:59:12 gw /kernel:&nbsp;&nbsp;&nbsp; icmp-response bandwidth
limit 236/200 pps
<p>Nov 28 12:59:15 gw /kernel:&nbsp;&nbsp;&nbsp; icmp-response bandwidth
limit 228/200 pps
<p>Nov 28 12:59:21 gw /kernel:&nbsp;&nbsp;&nbsp; icmp-response bandwidth
limit 201/200 pps
<p>I checked out some man pages and came across running syslogd in secure
mode with the -s option.&nbsp; Is this recommended, to make syslogd be
more secure?&nbsp; What file would I put this option in?&nbsp; (I didn't
know where to enable -s)&nbsp; Or should I just block off port 514 coming
in from the internet on the firewall??
<br>Thanks
<br>trini0
<br>&nbsp;
<pre>--&nbsp;


&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; _____________________________
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; trini0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; |
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; |
&nbsp;&nbsp;&nbsp;&nbsp; / ) | Systems Administrator&nbsp;&nbsp;&nbsp;&nbsp; |
&nbsp;&nbsp;&nbsp; / /&nbsp; | Network Engineer&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; |
&nbsp;&nbsp; ( (&nbsp;&nbsp; | email ==>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; |
&nbsp;(((\ \> |/ )&nbsp; trini0@optonline.net&nbsp; |
&nbsp;(\\\\ \_/ /_________________________|
&nbsp; \&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /
&nbsp;&nbsp; \&nbsp;&nbsp;&nbsp; _/
&nbsp;&nbsp; /&nbsp;&nbsp; /
&nbsp; /&nbsp;&nbsp; /</pre>
&nbsp;</html>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A2424B7.62F45E2>