Home page logo
/

firewall-wizards logo Firewall Wizards mailing list archives

Re: pix syslog & linux
From: "Paul D. Robertson" <paul () compuwar net>
Date: Tue, 16 May 2006 08:20:31 -0400 (EDT)

On Mon, 15 May 2006, kurt x wrote:

Any suggestion?

1.  Linux syslogd doesn't listen on a network socket by default, so you 
have to start syslogd with -r.  Check to see if you're listening with 
netstat -nr.

2.  Most Linux dostributions these days packet filter services by default.  
If you're listening and not logging, it's likely to be a packet filtering 
issue.  Add permission for syslog to your filtering rules to fix it.

Both of these are *good* things, as they've reduced the vulnerability 
surface of the platform significantly.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
paul () compuwar net       which may have no basis whatsoever in fact."
http://fora.compuwar.net      Infosec discussion boards 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault