[SunHELP] syslog security

Dale Ghent sunhelp at sunhelp.org
Sat Feb 17 01:19:12 CST 2001


On Fri, 16 Feb 2001, Cardinal Christopher wrote:

| Just curious if there is any way to limit access to particular servers using
| a networked syslog server. As I understand it, any server in the Internet
| can log to my syslog server if they know the IP address and facility and
| level of logging. Thanks.

There isnt a ACL facility in syslogd itself to use to limit access. Your
recourse is to use one of the following ways:

1) Filters on the router the server(s) is off of.

2) Installing the ipfilter package and using it's firewalling features to
filter your local ports.

3) Ditch Solaris syslogd and use the freely-available syslog-ng
      http://www.balabit.hu/en/products/syslog-ng/

/dale




More information about the SunHELP mailing list