Home page logo

bugtraq logo Bugtraq mailing list archives

Re: syslog/udp
From: dave () elxr Jpl Nasa Gov (Dave Hayes)
Date: Tue, 22 Feb 1994 17:13:37 -0800

  If you are running syslogd on your machine and you dont receive
remote logging to that machine you should probably consider removing
the remote function of the program.  Besides being another possible
security risk a person may easily corrupt your audit logs though
this port.  It is quite easy to send fake messages to the syslogd
at any facility and level.  An easy way to fix this would probably
be to change the line:
    int nfds, readfds = FDMASK(funix) | inetm | klogm;

What exactly is the problem? How can we, who are without source code,
change this behavior?
Dave Hayes - Institutional Network & Communications - JPL/NASA - Pasadena CA
dave () elxr jpl nasa gov       dave () jato jpl nasa gov         ...usc!elroy!dxh

Truth (n.) - the most deadly weapon ever discovered by humanity. Capable
of destroying entire perceptual sets, cultures, and realities. Outlawed
by all governments everywhere. Possession is normally punishable by death.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]