syslog shutdown()s the port for reading. there is no real difference 
to not opening it at all.

* mdff <[EMAIL PROTECTED]> [2005-08-05 13:13]:
> <snip>....blah blah...<snap>
> he'd better do man syslogd... but assume this:
> - no pf for udp/514.
> - a DOS or DDOS to this OPEN port.
> - syslogd running just in "send mode".
> - and finally: no remote syslogging configured because of only 1 box here.
> 
> will it take more resources to handle this with an open port
> compared to a closed one or not? i guess yes. and for security,
> i guess a closed port is still better than an application reading
> all packets and discarding them...
> 
> question: what about 1 more argv to have syslogd not to bind udp/514 at all?
> 
> br, mdff...
> 

-- 
BS Web Services, http://www.bsws.de/
OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)
