From owner-freebsd-security  Tue Jun  4 17:50:16 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id RAA25969
          for security-outgoing; Tue, 4 Jun 1996 17:50:16 -0700 (PDT)
Received: from einstein.technet.sg (ngps@einstein.technet.sg [192.169.33.50])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id RAA25960
          for <freebsd-security@freebsd.org>; Tue, 4 Jun 1996 17:50:14 -0700 (PDT)
Received: (from ngps@localhost) by einstein.technet.sg (8.7.3/8.6.9) id IAA15482; Wed, 5 Jun 1996 08:50:10 +0800 (SST)
Date: Wed, 5 Jun 1996 08:50:10 +0800 (SST)
From: Ng Pheng Siong <ngps@technet.sg>
To: freebsd-security@freebsd.org
Subject: Re: syslogd (fwd)
Message-ID: <Pine.OSF.3.91.960605084907.13323A-100000@einstein.technet.sg>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


Apologies to those who have seen this already.

- PS
--
Ng Pheng Siong <ngps@pacific.net.sg> * Finger for PGP key.
Pacific Internet Pte Ltd * Singapore

'The meek will inherit the earth, after the rest of us have gone to the stars.'
							- alt.2600 poster

---------- Forwarded message ----------
Date: Tue, 4 Jun 1996 12:49:16 -0400
From: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
Subject: Re: syslogd

"PEM" == Perry E Metzger <perry@piermont.com> writes:

>> >What solutions have people used to restrict which hosts can send stuff
>> >to their syslogd?

PEM> I hacked NetBSD's syslogd so that with an option it only opens the
PEM> unix domain socket and not the UDP socket. The code is in the main
PEM> NetBSD sources.

Greg Wettstein's newest release (1.3) of syslogd for Linux does not do
UDP-based logging unless it is specifically requested on the
command-line.  Its default mode now is to only do local logging.

>From the README.1st file:

* By default the syslog daemon doesn't accept any message from the
  syslog/udp port. To enable this add "-r" to the command-line
  arguments.

Seems like more and more people are starting to worry about this.  :)~

--Up.

--
Jeff Uphoff - systems/network admin.  |  juphoff@nrao.edu
National Radio Astronomy Observatory  |  juphoff@bofh.org.uk
Charlottesville, VA, USA              |  jeff.uphoff@linux.org
    PGP key available at: http://www.cv.nrao.edu/~juphoff/