Date: Sat, 15 Jul 2000 12:28:00 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: freebsd-security@FreeBSD.org Subject: syslog and stopping name lookup for remote logging Message-ID: <Pine.NEB.3.96L.1000715122544.15043G-100000@fledge.watson.org>
next in thread | raw e-mail | index | archive | help
Right now, I believe syslogd attached the hostname of the source of a network-sourced log message. Needless to say, this can be a disadvantage, as DNS spoofing and IP spoofing are both easy, but IP spoofing can be stopped at the border router, whereas DNS spoofing is just dumb. I was wondering if anyone had patches to force syslogd to use the IP address instead? (-n or something) If not, I'll go ahead and write them. Thanks! Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1000715122544.15043G-100000>