Date: Tue, 28 Nov 2000 21:35:39 -0500 From: trini0 <trini0@optonline.net> To: Mike Meyer <mwm@mired.org> Cc: FreeBSD Questions <questions@freebsd.org> Subject: Re: syslog ? Message-ID: <3A246B7B.7A0C61F5@optonline.net> References: <14884.21116.876366.998002@guru.mired.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Sorry to all about the html post.....:( syslog_enable to yes and flag set to -s in /etc/defaults/rc.conf, but it wasn't in my /etc/rc.conf file. I inserted them there and rebooted. Now my ? is does the system look at both /etc/defaults/rc.conf & /etc/rc.conf when it boots up and starts what is necessary??? If that was the case then there was no need to modify my /etc/rc.conf. Is there a way to find out what state a daemon is running in?? ie if syslog is running in secure mode or not. Thanks trini0 > trini0 <trini0@optonline.net> types: > > - --------------650F8F0E9C59A45E52C434B7 > > Content-Type: text/plain; charset=us-ascii > > Content-Transfer-Encoding: 7bit > > > > I came across a web site that tests network security. I ran it on my > > router running FBSD 4.2S w/ipfil 3.4.8. Part of the results came back > > saying that port 514 that syslog was using was insecure and they sent a > > little message to the syslog daemon ==> > > > > Nov 28 12:59:09 gw /kernel: icmp-response bandwidth limit 225/200 pps > > > > Nov 28 12:59:12 gw /kernel: icmp-response bandwidth limit 236/200 pps > > > > Nov 28 12:59:15 gw /kernel: icmp-response bandwidth limit 228/200 pps > > > > Nov 28 12:59:21 gw /kernel: icmp-response bandwidth limit 201/200 pps > > > > I checked out some man pages and came across running syslogd in secure > > mode with the -s option. Is this recommended, to make syslogd be more > > secure? What file would I put this option in? (I didn't know where to > > enable -s) Or should I just block off port 514 coming in from the > > internet on the firewall?? > > Thanks > > trini0 > > 4.2 should be running syslogd with the -s flag by default. Check > /etc/defaults/rc.conf to verify that syslogd_enable="YES" and > syslogd_flags="-s". If so, then check /etc/rc.conf to verify that they > aren't changed. If syslogd_enable is not set to "YES", then something > else is listening on the syslog port, and you need to deal with that > something else. > > Also, your mailer is sending HTML as well as plain text. Please make > it stop, and just send plain text. > > <mike > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A246B7B.7A0C61F5>