From owner-freebsd-security Fri Jul 9 9:28: 2 1999 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 2AC32156ED for ; Fri, 9 Jul 1999 09:27:57 -0700 (PDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id KAA05111; Fri, 9 Jul 1999 10:28:04 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id KAA20308; Fri, 9 Jul 1999 10:25:55 -0600 (MDT) Message-Id: <199907091625.KAA20308@harmony.village.org> To: Alla Bezroutchko Subject: Re: Syslog alternatives? Cc: FreeBSD Security In-reply-to: Your message of "Fri, 09 Jul 1999 10:49:24 +0400." <37859B74.7528C158@sovlink.ru> References: <37859B74.7528C158@sovlink.ru> Date: Fri, 09 Jul 1999 10:25:55 -0600 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <37859B74.7528C158@sovlink.ru> Alla Bezroutchko writes: : Could someone explain me or point me to some resources that explain : why syslogd is bad? By default, syslogd will accept messages from anybody. DoS implications in doing that are ignored, so it remains vulnerable to a fill up the disk attack. Secure switches make it less vulnerable. I don't think that there is anything major enough wrong with syslogd to actually try to replace it. If there are bad things that can happen when -s is specified, I'd sure like to know about them. Warner FreeBSD Security Officer. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message