: Jim Carroll writes:
: Stephen Martin writes:
: > From listening to the thread do far, it seems that the main threat to syslog
: > is through the denial of service caused by filling up the loghosts disk. It
: > might therefore be a good idea to have /var/log or where ever you want the
: > logging to go, be a separate partition so that your loghost can not be
: > screwed up by filling up it's root partition.
: Agreed. Then, although not perfect, it would seem that the best way
: to prevent this is to assign a Really Big Disk to the partition that
: syslogd writes to.
: I kinda like the printing option, but I would imagine that you'd have
: to have a Really Fast Printer with Lots Of Paper (and maybe a Really
: Big Buffer :) in order to avoid the denial of service attack.
Well, there's *always* an Exabyte with a stacker! <*grin*> Somebody's
going to have to work *awfully* hard to flood _that_! And, I would sure
*hope* that the situation would get -noticed-, before that logging device
filled up.
NOTE: I didn't say it was a _practical_ solution! ;*)
Follow-Ups:
-
Re: Syslog
From: Darren Reed <avalon @
coombs .
anu .
edu .
au>
|
|
