From owner-freebsd-security  Thu Aug 28 16:18:29 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id QAA26393
          for security-outgoing; Thu, 28 Aug 1997 16:18:29 -0700 (PDT)
Received: from henry.cs.adfa.oz.au (henry.cs.adfa.oz.au [131.236.21.158])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id QAA26388
          for <freebsd-security@FreeBSD.ORG>; Thu, 28 Aug 1997 16:18:23 -0700 (PDT)
Received: (from wkt@localhost) by henry.cs.adfa.oz.au (8.7.5/8.7.3) id JAA03072; Fri, 29 Aug 1997 09:17:17 +1000 (EST)
From: Warren Toomey <wkt@henry.cs.adfa.oz.au>
Message-Id: <199708282317.JAA03072@henry.cs.adfa.oz.au>
Subject: Re: FW: syslogd fun (fwd)
To: Shimon@i-Connect.Net (Simon Shapiro)
Date: Fri, 29 Aug 1997 09:17:17 +1000 (EST)
Cc: freebsd-security@FreeBSD.ORG
In-Reply-To: <XFMail.970828124912.Shimon@i-Connect.Net> from Simon Shapiro at "Aug 28, 97 12:49:12 pm"
Reply-To: wkt@cs.adfa.oz.au
X-Mailer: ELM [version 2.4ME+ PL22 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

In article by Simon Shapiro:
> Is this something we have to worry about in FreeBSD?  I think it may, but
> do not know...
> 
> Simon

I hacked up a syslogd ages ago to prevent this sort of thing happening.
(spoof syslog messages).

Details are at:

	ftp://minnie.cs.adfa.oz.au/pub/NetSecurity

and a paper describing some net security things are at:

	http://minnie.cs.adfa.oz.au/Seminars/AUUG96/index.html

Warren