Date: Tue, 12 Mar 2002 08:29:33 +0100 From: "Rogier R. Mulhuijzen" <drwilco@drwilco.net> To: Giorgos Keramidas <keramida@ceid.upatras.gr> Cc: freebsd-hackers@freebsd.org Subject: Re: logging securelevel violations Message-ID: <5.1.0.14.0.20020312082838.029a6d38@mail.drwilco.net> In-Reply-To: <20020312003659.GH2388@hades.hell.gr> References: <5.1.0.14.0.20020311220030.01c3ace0@mail.drwilco.net> <5.1.0.14.0.20020311220030.01c3ace0@mail.drwilco.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 02:36 12-3-2002 +0200, Giorgos Keramidas wrote:
>On 2002-03-11 22:00, Rogier R. Mulhuijzen wrote:
> >
> > >I think this would be useful, but I would be concerned about the rate at
> > >which these messages could come when someone is actively attacking a
> > >system.
> > >Perhaps such messages could go through a rate limiter mechanism similar to
> > >that now used by the network interfaces.
> >
> > syslogd already has a "last message repeated N times"
>
>Rate limiting is still needed:
>
> while true ;do
> echo "" > /dev/ad0
> echo "" > /dev/ad1
> done
>
>This would cause syslogd to go nuts!
crw-r----- 2 root operator 116, 0x00010002 Jan 20 03:13 /dev/ad0
Only if you're root.
Doc
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20020312082838.029a6d38>