At 03:09 PM 10/20/1999 +0200, Magosanyi Arpad wrote:
>A levelez�m azt hiszi, hogy Volker Wiegand a k�vetkez�eket �rta:
>
>> > It must be a single port one way tcp connection. One way means
>> > "one tcp socket", not "packets going only to one direction".
>> >
>> No, IMHO we want TCP _and_ UDP. I use two loghosts and many clients. That
>> would mean a large number of TCP connections. Please, allow UDP also.
>
>Kontra.
>
>With plain UDP you are subject to DOS attack, lost messages, maliciously
>inserted log messages, etc.
On that last attack, this is a problem that syslog-sec can and should
address. It's not impossible to insert messages into a TCP connection, so
real security should allow those concerned to authenticate the received
messages, regardless of the transport protocol
Bob
