North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Is it time to block all Microsoft protocols in the core?
- From: Joe Abley
- Date: Tue Jan 28 14:42:46 2003
On Monday, Jan 27, 2003, at 14:04 Asia/Katmandu, Sean Donelan wrote:
Its not just a Microsoft thing. SYSLOG opened the network port by
default, and the user has to remember to disable it for only local
logging.
You're using mixed tense in these sentences, so I can't tell whether
you think that syslog's network port is open by default on operating
systems today.
On FreeBSD, NetBSD, OpenBSD and Darwin/Mac OS X (the only xterms I
happen to have open right now) this is not the case, and has not been
for some time. I presume, perhaps naïvely, that other operating systems
have done something similar.
[...]
DESCRIPTION
syslogd reads and logs messages to the system console, log
files, other
machines and/or users as specified by its configuration file.
The options are as follows:
[...]
-u Select the historical ``insecure'' mode, in which
syslogd will
accept input from the UDP port. Some software wants
this, but
you can be subjected to a variety of attacks over the
network,
including attackers remotely filling logs.
[...]
Joe
|
