|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
RE: Remote Syslogd
From: Ben Boulanger <ben(at)blackavar.com>
Date: Wed Nov 06 2002 - 12:00:45 EST
This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Wed Nov 6 13:07:05 2002
Date: Wed Nov 06 2002 - 12:00:45 EST
On Wed, 6 Nov 2002, Alejandro Rusell wrote:
> This configuration is vulnerable to attacks trying to fill the log's repository.
If the attacker fills the network at cable speed, your syslogs aren't going to matter much anyway. You have larger problems. A printer certainly won't keep up with that. Planning for the edge conditions can get sticky fast. There's always some way around something you create, always some way to disable your alarms. Plan for the majority, plan -some- for the edges, but insure against the edges that you can't easily plan for.
Ben
This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Wed Nov 6 13:07:05 2002
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:41 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |