From owner-freebsd-security Sun Aug 31 18:31:49 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id SAA28482 for security-outgoing; Sun, 31 Aug 1997 18:31:49 -0700 (PDT) Received: from obie.softweyr.ml.org ([199.104.124.49]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id SAA28473; Sun, 31 Aug 1997 18:31:40 -0700 (PDT) Received: (from wes@localhost) by obie.softweyr.ml.org (8.7.5/8.6.12) id TAA04894; Sun, 31 Aug 1997 19:34:50 -0600 (MDT) Date: Sun, 31 Aug 1997 19:34:50 -0600 (MDT) Message-Id: <199709010134.TAA04894@obie.softweyr.ml.org> From: Wes Peters To: "Jonathan M. Bresler" CC: security@FreeBSD.ORG Subject: Re: FW: syslogd fun (fwd) In-Reply-To: <199708291933.MAA23443@hub.freebsd.org> References: <199708291817.LAA03314@hokkshideh.jetcafe.org> <199708291933.MAA23443@hub.freebsd.org> Sender: owner-freebsd-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Jonathan M. Bresler writes: > Dave Hayes wrote: > > > > > filter syslog at your firewall. falls under teh general rule: > > > "unless you need it, filter it out" jmb > > > > This is still -not- a guarantee of safety. > > ;)))) > > if you have people inside your security perimeter that are > a threat to your servers....you have a management problem, > -not- a technical problem. It's important to keep in mind "Rob Clyde's Rule:" If your security measures cost more than your potential loss, you're guaranteed to lose money. Possibly the only intelligent thing Rob ever said in my association with him. ;^) -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC http://www.xmission.com/~softweyr softweyr@xmission.com