LogAnalysis
[logs] Passive syslog monitoring Jan 29 2008 11:00PM
ron dilley (ron dilley gmail com) (1 replies)
Re: [logs] Passive syslog monitoring Jan 30 2008 12:06AM
Mordechai T. Abzug (morty frakir org) (1 replies)
On Tue, Jan 29, 2008 at 03:00:17PM -0800, ron dilley wrote:

> I have just posted an update to the Passive Syslog Monitoring Daemon
> ( http://sourceforge.net/projects/psmd).

That sounds cool. But what's the point? The risk of running a daemon
is not because your OS has an open socket, it's because you're
processing untrusted data. Most security checklists say to disable
open sockets, but only because they equate open sockets with
processing untrusted data. A passively listening daemon is still
processing untrusted data.

- Morty
_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis

[ reply ]
Re: [logs] Passive syslog monitoring Jan 30 2008 12:25AM
ron dilley (ron dilley gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus