From owner-freebsd-security  Wed Jan  6 17:24:22 1999
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id RAA07441
          for freebsd-security-outgoing; Wed, 6 Jan 1999 17:24:22 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from alcanet.com.au (border.alcanet.com.au [203.62.196.10])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA07436
          for <freebsd-security@FreeBSD.ORG>; Wed, 6 Jan 1999 17:24:19 -0800 (PST)
          (envelope-from peter.jeremy@auss2.alcatel.com.au)
Received: by border.alcanet.com.au id <40326>; Thu, 7 Jan 1999 12:22:59 +1100
Date: Thu, 7 Jan 1999 12:23:40 +1100
From: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au>
Subject: Re: kernel/syslogd hack
To: Don.Lewis@tsc.tdk.com
Cc: freebsd-security@FreeBSD.ORG
Message-Id: <99Jan7.122259est.40326@border.alcanet.com.au>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Don Lewis <Don.Lewis@tsc.tdk.com> wrote:
>If syslogd received a message without the credentials, it could log the
>information that it was handed with an indication that the information
>may not be trustworthy.

Which immediately returns us to the original problem - which is that
the current syslog protocol makes DOS attacks trivial.

Peter

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message