From Oracle Linux 5 Security Technical Implementation Guide
Part of GEN005480
Associated with: CCI-000366
Unintentionally running a syslog server accepting remote messages puts the system at increased risk. Malicious syslog messages sent to the server could exploit vulnerabilities in the server software itself, could introduce misleading information in to the system's logs, or could fill the system's storage leading to a Denial of Service.
Ask the SA if the system is an authorized syslog server. If the system is an authorized syslog server, this is not applicable. Determine if the system's syslog service is configured to accept remote messages. # ps -ef | grep syslogd If the '-r' option is present, the system is configured to accept remote syslog messages, and this is a finding.
Edit /etc/sysconfig/syslog to removing the '-r' in SYSLOGD_OPTIONS. Restart the syslogd service.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer