Originally Published: Tuesday, 21 December 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

The DoS on sysklogd

[BugTraq] "There is an even more compelling reason to upgrade: After my logs were rotated, I noticed that the background chatter of script kiddies probing my firewall ceased. It turns out that when syslogd is sent a HUP "signal, it closes and recreates the /dev/log socket. If this is a stream socket, then klogd (the daemon responsible for forwaring kernel log messages) fails. Basically, after your logs are rotated, all kernel log messages are lost. Update your syslogd now."