Date: Thu, 7 Sep 1995 20:07:26 +0300 (EET DST) From: "Andrew V. Stesin" <stesin@elvisti.kiev.ua> To: wollman@lcs.mit.edu (Garrett A. Wollman) Cc: security@freebsd.org Subject: Re: Do we *really* need logger(1)? Message-ID: <199509071707.UAA29202@office.elvisti.kiev.ua> In-Reply-To: <9509062102.AA21414@halloran-eldar.lcs.mit.edu> from "Garrett A. Wollman" at Sep 6, 95 05:02:50 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, # > True. My point was that xinetd can wrap UDP daemons and tcp_wrapper # > can not. Plus, xinetd can do it without exec'ing an additional program. # # > Filters on border routers should be used to block "outside" syslogd abuse. # # Um, no, syslog should be fixed to not accept random junk from anyone # who cares to send it. Another 2 things which (I beleive) are worth the effort: (a) Some king of ACK protocol when logging goes to another host; seems to be a better solution than using TCP connection. I've read about this kind of simple and cost-effective message exchange protocols in Addison-Wesley book on distributed computing, 2 ed. For a pity, that book wasn't mine. (b) Optional encryption capability for the messages, using the system-wide libcrypt facility; even very simple one will be good, with parameters stored in /etc/syslog.conf. Better than nothing, really. # Packet filtering is never the correct answer, # despite what some vendors may try to make people think. How one can design a strategy of living without it? What are better solutions? # As for `logger', it's a useful tool that anyone could write if it did # not exist before. People running public-access systems should do the # same thing to `logger' as they do to `cc', `as', and `ld'. Agreed. # # -GAWollman # -- With best regards -- Andrew Stesin.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199509071707.UAA29202>