Is it time to block all Microsoft protocols in the core?

• Previous message (by thread): Is it time to block all Microsoft protocols in the core?
• Next message (by thread): Is it time to block all Microsoft protocols in the core?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Monday, Jan 27, 2003, at 14:04 Asia/Katmandu, Sean Donelan wrote:

> Its not just a Microsoft thing.  SYSLOG opened the network port by
> default, and the user has to remember to disable it for only local
> logging.

You're using mixed tense in these sentences, so I can't tell whether 
you think that syslog's network port is open by default on operating 
systems today.

On FreeBSD, NetBSD, OpenBSD and Darwin/Mac OS X (the only xterms I 
happen to have open right now) this is not the case, and has not been 
for some time. I presume, perhaps naïvely, that other operating systems 
have done something similar.

>> [...]
>>
>> DESCRIPTION
>>      syslogd reads and logs messages to the system console, log 
>> files, other
>>      machines and/or users as specified by its configuration file.
>>
>>      The options are as follows:
>>
>> [...]
>>
>>      -u      Select the historical ``insecure'' mode, in which 
>> syslogd will
>>              accept input from the UDP port.  Some software wants 
>> this, but
>>              you can be subjected to a variety of attacks over the 
>> network,
>>              including attackers remotely filling logs.
>>
>> [...]


Joe

• Previous message (by thread): Is it time to block all Microsoft protocols in the core?
• Next message (by thread): Is it time to block all Microsoft protocols in the core?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]