On Sat, 2005-08-06 at 03:00 +0100, poncenby wrote:
> Shawn K. Quinn wrote:
> > On Fri, 2005-08-05 at 07:33 +0100, poncenby wrote:
> >
> >>May I suggest some tolerance(doesn't have to be sincere) for people
> >>who are simply either too busy or too lazy to read man pages in their
> >>entirety. or
From: poncenby <[EMAIL PROTECTED]>
To: misc@openbsd.org
Subject: Re: syslogd udp port
Date: Sat, 06 Aug 2005 03:15:07 +0100
Abraham Al-Saleh wrote:
On 8/5/05, poncenby <[EMAIL PROTECTED]> wrote:
Firstly I never said mentioned the word security, so I don't know where
Tobias
On Sat, 06 Aug 2005 03:15:07 +0100
poncenby <[EMAIL PROTECTED]> wrote:
> just doesn't make sense. i wanted an answer within a day, didn't have
> time to read the man pages so posted a question to misc and got an
> answer (within a day).
What *you* want is rather irrelevant.
> When i post to mis
On 8/5/05, poncenby <[EMAIL PROTECTED]> wrote:
> if you think about what you said...
>
> "in the long run it's usually faster to do research"
>
> just doesn't make sense. i wanted an answer within a day, didn't have
> time to read the man pages so posted a question to misc and got an
> answer (w
Abraham Al-Saleh wrote:
On 8/5/05, poncenby <[EMAIL PROTECTED]> wrote:
Firstly I never said mentioned the word security, so I don't know where
Tobias got that from.
I apologise once again for not searching the archives and reading the
man pages.
May I suggest some tolerance(doesn't have to be
Shawn K. Quinn wrote:
On Fri, 2005-08-05 at 07:33 +0100, poncenby wrote:
May I suggest some tolerance(doesn't have to be sincere) for people
who are simply either too busy or too lazy to read man pages in their
entirety. or just simply ignore the email. surely certain people on
this list (the
haha, henning.. i love your technical responses to problems. they're
always very short, sweet and to the point (and you're 99.999% of the
time right).
if i could make it to a hackathon (or even get invited, heh) i'd buy a
round of beer for everyone to calm the *&%# down :P
On 8/5/05, Henning Br
On Fri, Aug 05, 2005 at 12:58:04PM +0200, mdff wrote:
> blah blah...
> he'd better do man syslogd... but assume this:
> - no pf for udp/514.
> - a DOS or DDOS to this OPEN port.
To DOS or DDOS a udp port it does not need to be open.
> - syslogd running just in "send mode".
> - and finally: no
syslog shutdown()s the port for reading. there is no real difference
to not opening it at all.
* mdff <[EMAIL PROTECTED]> [2005-08-05 13:13]:
> blah blah...
> he'd better do man syslogd... but assume this:
> - no pf for udp/514.
> - a DOS or DDOS to this OPEN port.
> - syslogd running just i
blah blah...
he'd better do man syslogd... but assume this:
- no pf for udp/514.
- a DOS or DDOS to this OPEN port.
- syslogd running just in "send mode".
- and finally: no remote syslogging configured because of only 1 box here.
will it take more ressources to handle this with an open port
co
On 8/5/05, poncenby <[EMAIL PROTECTED]> wrote:
> Firstly I never said mentioned the word security, so I don't know where
> Tobias got that from.
>
> I apologise once again for not searching the archives and reading the
> man pages.
>
> May I suggest some tolerance(doesn't have to be sincere) for
On 8/4/05, poncenby <[EMAIL PROTECTED]> wrote:
> I remember asking how to stop syslogd opening udp port 514 a while ago
> and never doing anything about it, here goes again...
better yet just compile your own version of nmap that
doesnt scan udp 514.
On Fri, 2005-08-05 at 07:33 +0100, poncenby wrote:
>
> May I suggest some tolerance(doesn't have to be sincere) for people
> who are simply either too busy or too lazy to read man pages in their
> entirety. or just simply ignore the email. surely certain people on
> this list (theo - that's you!)
> May I suggest some tolerance(doesn't have to be sincere) for people who
> are simply either too busy or too lazy to read man pages in their
> entirety.
Absolutely not. You were lazy and unwilling to educate yourself, and
are making other people watch you sluffing your way through life.
Firstly I never said mentioned the word security, so I don't know where
Tobias got that from.
I apologise once again for not searching the archives and reading the
man pages.
May I suggest some tolerance(doesn't have to be sincere) for people who
are simply either too busy or too lazy to rea
On Thu, 04 Aug 2005 15:50:58 -0600, Theo de Raadt
<[EMAIL PROTECTED]> wrote:
>The port is also used to (potentially) send data out to other syslog
>servers. Therefore, it is left open. This is made ASTOUNDINGLY
>clear in the manual page, if you would read it:
>
> syslogd opens the above desc
On 8/4/05, poncenby <[EMAIL PROTECTED]> wrote:
> I remember asking how to stop syslogd opening udp port 514 a while ago
> and never doing anything about it, here goes again...
Sure, syslogd opens UDP/514, but unless you use the '-u' flag the very
next thing it does is call shutdown(), which preven
On Thursday, August 4, poncenby wrote:
>
> I remember asking how to stop syslogd opening udp port 514 a while ago
> and never doing anything about it, here goes again...
And people asked you to search the archives.
> Proto Recv-Q Send-Q Local Address Foreign Address(state)
>
The port is also used to (potentially) send data out to other syslog
servers. Therefore, it is left open. This is made ASTOUNDINGLY
clear in the manual page, if you would read it:
syslogd opens the above described socket whether or not it is running in
secure mode. If syslogd is runni
I remember asking how to stop syslogd opening udp port 514 a while ago
and never doing anything about it, here goes again...
hopefully a relevant part of /etc/rc
echo 'starting system logger'
rm -f /dev/log
if [ "X${named_flags}" != X"NO" ]; then
rm -f /var/named/dev/log
syslogd
20 matches
Mail list logo
