From owner-freebsd-security  Mon Jul 28 06:55:05 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id GAA07176
          for security-outgoing; Mon, 28 Jul 1997 06:55:05 -0700 (PDT)
Received: from gvr.win.tue.nl (root@gvr.win.tue.nl [194.151.74.97])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id GAA07171
          for <security@FreeBSD.ORG>; Mon, 28 Jul 1997 06:55:00 -0700 (PDT)
Received: (from guido@localhost) by gvr.win.tue.nl (8.8.6/8.8.2) id PAA04645; Mon, 28 Jul 1997 15:53:11 +0200 (MET DST)
From: Guido van Rooij <guido@gvr.win.tue.nl>
Message-Id: <199707281353.PAA04645@gvr.win.tue.nl>
Subject: Re: security hole in FreeBSD
In-Reply-To: <Pine.BSF.3.95q.970728082931.3000B-100000@cyrus.watson.org> from Robert Watson at "Jul 28, 97 08:36:52 am"
To: robert@cyrus.watson.org
Date: Mon, 28 Jul 1997 15:53:11 +0200 (MET DST)
Cc: vince@mail.MCESTATE.COM, loco@onyks.wszib.poznan.pl, security@FreeBSD.ORG,
        mario1@PrimeNet.Com, johnnyu@accessus.net
X-Mailer: ELM [version 2.4ME+ PL28 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> 
> BTW, does anyone know if there is a secure logging protocol?  Syslog on
> UDP seems a tad unreliable, not to mention opening one up from DoS.  I log

Not on local delivery of udp packets. Nowadays, the FreeBSD syslogd is shipped
with an option -s that makes it refuse syslog messages form remote
machins. This of course does not help if you want to be able to get
syslog entries from a remote host. But you can refure udp packet
with destination port 513 on your routers.

-Guido