[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] RaQ3 syslogd 1.3-3: restart Normal?

Subject: Re: [cobalt-security] RaQ3 syslogd 1.3-3: restart Normal?
From: Wayne Sagar <wsagar@xxxxxxxx>
Date: Wed, 25 Apr 2001 21:13:53 -0700
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

At 06:27 PM 4/25/01 -0500, you wrote:
>Syslog seems to freak out if the log file it's writing to changes. More 
>specifically, the inode pointer changes with the way log rotate works. So, 
>in order for the log rotate function to work, Syslog will get restarted.

<phew!> Thanks Charile!

I'm still running sort of paranoid here... the other day I just happened to
log on and do a netstat, there was a telnet connection showing ESTABLISHED
and I've got telnet turned off... The connection was gone one second later
and I'm still not sure what it was... an attempted connection that I just
*happened* to see in that brief moment.. or... perhaps a hidden version of
telnet somewhere on the box that someone is using as a back door... ??

All checks have shown nothing out of the ordinary going on with the box..
But I'm looking constantly for anything suspicious.. perhaps a bit too hard. 

Some have suggested a ground up rebuild just to be sure and I may yet do
this.. but for now, I'll keep watching like a hawk and hope for the best. 

Thanks for the response and helping me put this little system "glitch" to
bed... !!

Wayne Sagar

Prev by Date: Re: [[cobalt-security] RaQ3 syslogd 1.3-3: restart Normal?]
Next by Date: Re: [[cobalt-security] RaQ3 syslogd 1.3-3: restart Normal?]
Previous by thread: Re: [cobalt-security] RaQ3 syslogd 1.3-3: restart Normal?
Next by thread: Re: [cobalt-security] re: Telnet security

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index