Date: Tue, 28 Nov 2000 16:33:43 -0500 From: trini0 <trini0@optonline.net> To: questions@freebsd.org Subject: syslog ? Message-ID: <3A2424B7.62F45E2@optonline.net>
next in thread | raw e-mail | index | archive | help
--------------650F8F0E9C59A45E52C434B7 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit I came across a web site that tests network security. I ran it on my router running FBSD 4.2S w/ipfil 3.4.8. Part of the results came back saying that port 514 that syslog was using was insecure and they sent a little message to the syslog daemon ==> Nov 28 12:59:09 gw /kernel: icmp-response bandwidth limit 225/200 pps Nov 28 12:59:12 gw /kernel: icmp-response bandwidth limit 236/200 pps Nov 28 12:59:15 gw /kernel: icmp-response bandwidth limit 228/200 pps Nov 28 12:59:21 gw /kernel: icmp-response bandwidth limit 201/200 pps I checked out some man pages and came across running syslogd in secure mode with the -s option. Is this recommended, to make syslogd be more secure? What file would I put this option in? (I didn't know where to enable -s) Or should I just block off port 514 coming in from the internet on the firewall?? Thanks trini0 -- _____________________________ | trini0 | | | / ) | Systems Administrator | / / | Network Engineer | ( ( | email ==> | (((\ \> |/ ) trini0@optonline.net | (\\\\ \_/ /_________________________| \ / \ _/ / / / / --------------650F8F0E9C59A45E52C434B7 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit <!doctype html public "-//w3c//dtd html 4.0 transitional//en"> <html> I came across a web site that tests network security. I ran it on my router running FBSD 4.2S w/ipfil 3.4.8. Part of the results came back saying that port 514 that syslog was using was insecure and they sent a little message to the syslog daemon ==> <p>Nov 28 12:59:09 gw /kernel: icmp-response bandwidth limit 225/200 pps <p>Nov 28 12:59:12 gw /kernel: icmp-response bandwidth limit 236/200 pps <p>Nov 28 12:59:15 gw /kernel: icmp-response bandwidth limit 228/200 pps <p>Nov 28 12:59:21 gw /kernel: icmp-response bandwidth limit 201/200 pps <p>I checked out some man pages and came across running syslogd in secure mode with the -s option. Is this recommended, to make syslogd be more secure? What file would I put this option in? (I didn't know where to enable -s) Or should I just block off port 514 coming in from the internet on the firewall?? <br>Thanks <br>trini0 <br> <pre>-- _____________________________ | trini0 | | | / ) | Systems Administrator | / / | Network Engineer | ( ( | email ==> | (((\ \> |/ ) trini0@optonline.net | (\\\\ \_/ /_________________________| \ / \ _/ / / / /</pre> </html> --------------650F8F0E9C59A45E52C434B7-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A2424B7.62F45E2>