Date: Tue, 20 Feb 2001 10:31:26 -0800 From: "Crist J. Clark" <cjclark@reflexnet.net> To: Daniel Hagan <dhagan@colltech.com> Cc: "Edward W. M." <edward_wm@hotmail.com>, fbsdsec@killaz-r-us.com, freebsd-security@FreeBSD.ORG Subject: Re: Fw: Remote logging Message-ID: <20010220103126.A77883@rfx-216-196-73-168.users.reflex> In-Reply-To: <3A9247FD.F6C68145@colltech.com>; from dhagan@colltech.com on Tue, Feb 20, 2001 at 05:33:33AM -0500 References: <LC4-LFD3tgx8VUkRacU0000021d@hotmail.com> <3A91EE6A.82EBBC37@colltech.com> <20010219232503.T62368@rfx-216-196-73-168.users.reflex> <3A9247FD.F6C68145@colltech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Feb 20, 2001 at 05:33:33AM -0500, Daniel Hagan wrote: > "Crist J. Clark" wrote: > > On Mon, Feb 19, 2001 at 11:11:22PM -0500, Daniel Hagan wrote: > > > You need > > > MACs to prevent forging, which isn't available in the default syslog. > > > > MACs can be easily forged by local machines. MAC information is not > > normally accessible to programs anyway. You could not use "regular" > > UDP socket programming. Crypto or physical security is the only > > practical way to secure locally. And since crypto also works > > remotely... > > MAC == Message Authentication Code in the above paragraph. I'm not sure > if that's how you read it or not (were you thinking 802.3?). I was reading Media Access Control address. Sorry, I was wa-ay off. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010220103126.A77883>