haha, henning.. i love your technical responses to problems. they're always very short, sweet and to the point (and you're 99.999% of the time right).
if i could make it to a hackathon (or even get invited, heh) i'd buy a round of beer for everyone to calm the *&%# down :P

On 8/5/05, Henning Brauer <[EMAIL PROTECTED]> wrote:
> syslog shutdown()s the port for reading. there is no real difference
> to not opening it at all.
>
> * mdff <[EMAIL PROTECTED]> [2005-08-05 13:13]:
> > <snip>....blah blah...<snap>
> > he'd better do man syslogd... but assume this:
> > - no pf for udp/514.
> > - a DOS or DDOS to this OPEN port.
> > - syslogd running just in "send mode".
> > - and finally: no remote syslogging configured because of only 1 box here.
> >
> > will it take more resources to handle this with an open port
> > compared to a closed one or not? i guess yes. and for security,
> > i guess a closed port is still better, than an application reading
> > all packets and discarding them...
> >
> > question: what about 1 more argv to have syslogd not to bind udp/514 at all?
> >
> > br, mdff...
> >
>
> --
> BS Web Services, http://www.bsws.de/
> OpenBSD-based Webhosting, Mail Services, Managed Servers, ...
> Unix is very simple, but it takes a genius to understand the simplicity.
> (Dennis Ritchie)