syslogd/klogd problem - reseni
Pavel Kankovsky
peak na argo.troja.mff.cuni.cz
Pondělí Prosinec 20 20:12:11 CET 1999
On Mon, 20 Dec 1999, Dalibor Toman wrote:
> problem vznikne celkem logicky po te co syslogd dostane HUP signal.
> Cili je nutne po restartu syslogd pri rotaci logu jeste nakopnout
> klogd. Zajimave je ze ve starsich verzich (RH 4.2) jsem nic podobneho
> nepozoroval.
Tentokrat to neni vlastnost, ale chyba. Aktualizace sysklogd jest
doporucovana ctyrmi z peti odborniku na Linux. :)
<citat>
Date: Sun, 19 Dec 1999 13:04:42 -0500
From: David F. Skoll <dfs na ROARINGPENGUIN.COM>
To: BUGTRAQ na SECURITYFOCUS.COM
Subject: More on Red Hat 6.1 sysklogd
Red Hat has a security advisory at
http://www.redhat.com/support/errata/RHSA1999055-01.html detailing a
DoS attack against syslogd.
There is an even more compelling reason to upgrade: After my logs were
rotated, I noticed that the background chatter of script kiddies probing
my firewall ceased. It turns out that when syslogd is sent a HUP
signal, it closes and recreates the /dev/log socket. If this is a
stream socket, then klogd (the daemon responsible for forwaring kernel
log messages) fails.
Basically, after your logs are rotated, all kernel log messages are
lost. Update your syslogd now.
....
</citat>
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
Další informace o konferenci Linux