Another response, this from Dr. Blinn:
>I believe V4.0D added support in syslogd to screen which remote systems are
>allowed to send information to the central log. I believe this is covered
>in the V4.0D release notes, or maybe it's in the syslog or syslogd man page,
>in any case, look for the info and make sure you've enabled the logging from
>the remote systems; I suspect the default is to disallow logging, since it's
>a security hole through which someone can attack the central logging system.
>
>Tom
>
> Dr. Thomas P. Blinn + UNIX Software Group + Compaq Computer Corporation
> 110 Spit Brook Road, MS ZKO3-2/U20 Nashua, New Hampshire 03062-2698
> Technology Partnership Engineering Phone: (603) 884-0646
> Internet: tpb_at_zk3.dec.com Digital's Easynet: alpha::tpb
> ACM Member: tpblinn_at_acm.org PC_at_Home: tom_at_felines.mv.net
I send this because it reminded me that I forgot a rant with my first
summary. I did finally find this in the release notes. I had read through
the release notes before I upgraded but there's just too much in there to
remember.
I can understand late changes not making it into the printed documentation
(though most of the release notes are printed, eh?). But there's little
excuse for this stuff not being in the man pages. There's nothing in ANY
man page that mentions syslog.auth. Why can't the people who are writing up
the release notes simultaneously work that stuff into the man pages?
And as a note to the syslogd developer: why domain names but not IP
addresses? Why not domain ranges? Why can't I turn it off? I use this
machine to log SNMP traps from 200+ network devices which do not have
domain names. It's not practical for me to a)add them all to /etc/hosts and
then b) add them all to syslog.auth. I can appreciate the security issues
here, but I think we've gone too far the other way. This 'hole' has been
here for what, the past decade? It's rather like a fellow who always left
his apartment windows open for the light and air. After years of this he
gets robbed and to prevent a recurrence fills in the windows with cinder
blocks.
End of rant. Sorry.
_______________________________________________________________________
Rick Beebe (203) 785-4566
Network Engineering Manager FAX: (203) 737-4037
ITS-Med Technology Operations Richard.Beebe_at_yale.edu
Yale University School of Medicine
P.O. Box 208089, New Haven, CT 06520-8089
_______________________________________________________________________
Received on Wed Jul 22 1998 - 01:16:51 NZST