At 17:21 23.11.99 -0500, Shafik Yaghmour wrote: > So if you have a high system load it is okay to have some of the >syslog messages lost? Hmm, I dunno, IMHO it is never okay, I mean why >should you open up the opportunity at all. You know, security based on >something being "not so prone to failure" doesn't exactly make me feel >warm and cozy. For the connection of syslogd there seems to be two solutions: * datagram sockets / connection less: - messages could get lost on transport + no resource exhaustion possible, malicious client can't bring service down * stream sockets / connection based: + no messages could get lost on transport - resource exhaustion possible, malicious client can bring service down Both solutions have advantages and disadvantages. By Goetz -- Goetz Babin-Ebell mailto:babinebellat_private TC Trust Center for Security http://www.trustcenter.de in Data Networks GmbH Tel.: +49-40-80 80 26-0 Sonninstr. 24-28 / 20097 Hamburg / Germany Fax.: +49-40-80 80 26-126
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:14:03 PDT