From owner-freebsd-questions  Wed Feb 10 10:25:04 1999
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id KAA29988
          for freebsd-questions-outgoing; Wed, 10 Feb 1999 10:25:04 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from server6.singular.com (server6.singular.com [204.140.208.6])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA29980
          for <freebsd-questions@freebsd.org>; Wed, 10 Feb 1999 10:25:03 -0800 (PST)
          (envelope-from jbarbee@singular.com)
Received: from server7.singular.com ([204.140.208.10])
          by server6.singular.com (Post.Office MTA v3.1.2
          release (PO205-101c) ID# 0-42397U400L100S0) with ESMTP id AAA328;
          Wed, 10 Feb 1999 10:25:12 -0800
Date: Wed, 10 Feb 1999 10:25:02 -0800 (PST)
From: jbarbee@singular.com (John Barbee)
To: mhx <mhx@execpc.com>
cc: freebsd-questions@FreeBSD.ORG
Subject: Re: syslogd in freebsd 3.0
In-Reply-To: <36C1C847.FB7B9EF@execpc.com>
Message-ID: <Pine.BSF.4.05.9902101021320.28204-100000@server7.singular.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Personally, the only only security I've heard of is when you send your
messages to other hosts.  Afraid that someone might capture your system
messages when they're not supposed to.

However, syslogd does run as a daemon on port 514 and is susceptible to
attacks just like any other daemon.  But, once again, personally I don't
know of any outstanding security flaw.

john.

On Wed, 10 Feb 1999, mhx wrote:

> well i run www.sekurenet.com and someone told me that syslogd is remotly
> exploitable and not to run it so i never ran it i just want to know if you
> guys new about this or is it a rumor?  And if there is something else i can
> run to log things?  I dont see anything on bugtraq for it.
> 
> -Ryan
> 
> John Barbee wrote:
> 
> > What do you mean by exploit?  To what degree?  What are you considering?
> > Or do you mean security-wise?
> >
> > john.
> >
> > On Wed, 10 Feb 1999, mhx wrote:
> >
> > > I was wondering if syslogd is exploitable some how?  Is there a newer
> > > program that i can use that does the same thing?
> > >
> > > -Ryan
> > >
> > >
> > >
> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > with "unsubscribe freebsd-questions" in the body of the message
> > >
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message