All valid points, I hadn't thought of those reasons. Thanks
Tony > > On Sat, 1 Dec 2001, Tony wrote: > > > > > I guess I don't completely understand why you need a JFFS for > > something that under normal circumstances, isn't written to > > physically. If you have a crash/powerdown situation, with resumption > > of service, you just reload your image and continue to > > firewall/route. Would the JFFS be in play to preserve the logs? > > If so, wouldn't it be easier/safer/more secure to forward them to an > > internal syslog server? > > > > I like doing this, but there are concerns with doing it in > anything less > than a perfectly trusted environment: If your log host is unavailable, > you're not logging; if malicious listeners are on the LAN, > they can see > everything you log (could be quite useful when scanning or rooting a > server); if malicious users are on the LAN, they can flood > the listening > syslog server and prevent real logs from getting through. > > syslog-ng is supposed to fix a lot of these problems, but I've never > gotten around to taking a look at it. > > -- > Jack Coates > Monkeynoodle: A Scientific Venture... > > _______________________________________________ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
