Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

Re: pix syslog & linux
From: "Paul D. Robertson" <paul () compuwar net>
Date: Tue, 16 May 2006 08:20:31 -0400 (EDT)

On Mon, 15 May 2006, kurt x wrote:

Any suggestion?

1.  Linux syslogd doesn't listen on a network socket by default, so you 
have to start syslogd with -r.  Check to see if you're listening with 
netstat -nr.

2.  Most Linux dostributions these days packet filter services by default.  
If you're listening and not logging, it's likely to be a packet filtering 
issue.  Add permission for syslog to your filtering rules to fix it.

Both of these are *good* things, as they've reduced the vulnerability 
surface of the platform significantly.

Paul D. Robertson      "My statements in this message are personal opinions
paul () compuwar net       which may have no basis whatsoever in fact."
http://fora.compuwar.net      Infosec discussion boards 

firewall-wizards mailing list
firewall-wizards () listserv icsalabs com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]