Date: Tue, 28 Nov 2000 16:33:43 -0500 From: trini0 <trini0@optonline.net> To: questions@freebsd.org Subject: syslog ? Message-ID: <3A2424B7.62F45E2@optonline.net>
next in thread | raw e-mail | index | archive | help
--------------650F8F0E9C59A45E52C434B7
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
I came across a web site that tests network security. I ran it on my
router running FBSD 4.2S w/ipfil 3.4.8. Part of the results came back
saying that port 514 that syslog was using was insecure and they sent a
little message to the syslog daemon ==>
Nov 28 12:59:09 gw /kernel: icmp-response bandwidth limit 225/200 pps
Nov 28 12:59:12 gw /kernel: icmp-response bandwidth limit 236/200 pps
Nov 28 12:59:15 gw /kernel: icmp-response bandwidth limit 228/200 pps
Nov 28 12:59:21 gw /kernel: icmp-response bandwidth limit 201/200 pps
I checked out some man pages and came across running syslogd in secure
mode with the -s option. Is this recommended, to make syslogd be more
secure? What file would I put this option in? (I didn't know where to
enable -s) Or should I just block off port 514 coming in from the
internet on the firewall??
Thanks
trini0
--
_____________________________
| trini0 |
| |
/ ) | Systems Administrator |
/ / | Network Engineer |
( ( | email ==> |
(((\ \> |/ ) trini0@optonline.net |
(\\\\ \_/ /_________________________|
\ /
\ _/
/ /
/ /
--------------650F8F0E9C59A45E52C434B7
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
I came across a web site that tests network security. I ran it on
my router running FBSD 4.2S w/ipfil 3.4.8. Part of the results came
back saying that port 514 that syslog was using was insecure and they sent
a little message to the syslog daemon ==>
<p>Nov 28 12:59:09 gw /kernel: icmp-response bandwidth
limit 225/200 pps
<p>Nov 28 12:59:12 gw /kernel: icmp-response bandwidth
limit 236/200 pps
<p>Nov 28 12:59:15 gw /kernel: icmp-response bandwidth
limit 228/200 pps
<p>Nov 28 12:59:21 gw /kernel: icmp-response bandwidth
limit 201/200 pps
<p>I checked out some man pages and came across running syslogd in secure
mode with the -s option. Is this recommended, to make syslogd be
more secure? What file would I put this option in? (I didn't
know where to enable -s) Or should I just block off port 514 coming
in from the internet on the firewall??
<br>Thanks
<br>trini0
<br>
<pre>--
_____________________________
| trini0 |
| |
/ ) | Systems Administrator |
/ / | Network Engineer |
( ( | email ==> |
(((\ \> |/ ) trini0@optonline.net |
(\\\\ \_/ /_________________________|
\ /
\ _/
/ /
/ /</pre>
</html>
--------------650F8F0E9C59A45E52C434B7--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A2424B7.62F45E2>