From owner-freebsd-security Wed Sep 6 14:03:07 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.freebsd.org (8.6.11/8.6.6) id OAA23079 for security-outgoing; Wed, 6 Sep 1995 14:03:07 -0700 Received: from halloran-eldar.lcs.mit.edu (halloran-eldar.lcs.mit.edu [18.26.0.159]) by freefall.freebsd.org (8.6.11/8.6.6) with SMTP id OAA23073 for ; Wed, 6 Sep 1995 14:03:06 -0700 Received: by halloran-eldar.lcs.mit.edu; (5.65/1.1.8.2/19Aug95-0530PM) id AA21414; Wed, 6 Sep 1995 17:02:50 -0400 Date: Wed, 6 Sep 1995 17:02:50 -0400 From: "Garrett A. Wollman" Message-Id: <9509062102.AA21414@halloran-eldar.lcs.mit.edu> To: Tom Samplonius Cc: freebsd-security@freebsd.org Subject: Re: Do we *really* need logger(1)? In-Reply-To: References: <199509062022.NAA26565@corbin.Root.COM> Sender: security-owner@freebsd.org Precedence: bulk < said: > True. My point was that xinetd can wrap UDP daemons and tcp_wrapper > can not. Plus, xinetd can do it without exec'ing an additional program. > Filters on border routers should be used to block "outside" syslogd abuse. Um, no, syslog should be fixed to not accept random junk from anyone who cares to send it. Packet filtering is never the correct answer, despite what some vendors may try to make people think. As for `logger', it's a useful tool that anyone could write if it did not exist before. People running public-access systems should do the same thing to `logger' as they do to `cc', `as', and `ld'. -GAWollman -- Garrett A. Wollman | Shashish is simple, it's discreet, it's brief. ... wollman@lcs.mit.edu | Shashish is the bonding of hearts in spite of distance. Opinions not those of| It is a bond more powerful than absence. We like people MIT, LCS, ANA, or NSA| who like Shashish. - Claude McKenzie + Florent Vollant