sysklogd security patch
cheeziologist at mail.isc.rit.edu
Fri Jul 25 07:08:54 PDT 2003
On Fri, 25 Jul 2003 06:49:21 -0500, Dagmar d'Surreal
<dagmar.wants at nospam.com> wrote:
> On Thu, 2003-07-24 at 12:30, Gerard Beekmans wrote:
>> On Sat, 2003-07-19 at 13:21, Dagmar d'Surreal wrote:
>> If syslog is insecure and all that, would syslog-ng be a good
>> replacement from that point of view?
> Syslog-ng is a whole 'nother ball of wax, and an entirely different
> codebase to boot. From a system stability (read: availability) and
> change management standpoint, if one is already using the normal
> sysklogd package, the patch is a much less intrusive change and requires
> much less work to upgrade to and test.
> Let's face it, if security is a priority at a site, then system activity
> logs are _very_ important and it would not be a good idea to go changing
> the one thing that can futz up log data and maybe break anomaly scanners
> without a really, really good reason and plenty of testing.
I agree with you but in the context of this book, we are talking about
building a new system from scratch. If you build syslog-ng from the
beginning of using your system then there is no problem. Perhaps Gerard was
saying something else, but I read him as saying that perhaps syslog should
be replaced with syslog-ng in the book.
Registered LFS User 6929
Registered Linux User 298182
cheeziologist at attbi dot com is about to be invalid...plz use this new
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-dev' in the subject header of the message
More information about the lfs-dev