OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: I've been hit with ksyslogd
From: Daniel P. Zepeda (dpzPOBOX.COM)
Date: Thu Oct 12 2000 - 17:33:30 CDT

This is the kernel syslog daemon. You should turn it back on. There were
some vulnerabilities discovered lately in this package (at least on
Mandrake, I don't remember about the other distributions) so you may want
to upgrade. This daemon is a little hard to find because of the naming
convention, the binary is klogd, it is part of the syslog package (if you
use RedHat/Mandrake anyway) and it is called both ksyslogd and sysklogd,
depending on where you look.

In any event, if you are a Mandrake user, (and maybe others, look in
the maliing list archive) upgrade to the latest package and turn it back
on.

Thus spake Marco Presi on Thu, 12 Oct 2000:
> Hello all!!
>
> Do someone knows what this daemon does?
> I found it in /etc/inittab.
> It is not reported by ps as running, while the logger has trace of it.
>
> Now I disabled that line in inittab, but i would like to know what that
> daemon does, just to know if my local network could take trouble from
> it
>
> --
> Ciao Ciao
>
> Marco
>
> -------------------------------------------------------------------------
> Marco Presi
>
> mail to: mpresifub.it 

-- 
Daniel P. Zepeda
dpzpobox.com
Find my public keys at:
http://www.cs.utsa.edu/~dzepeda/PublicKeys.html