Humorous Documentation

Are you a Linux advocate? Post your success stories here.
Post Reply
User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Humorous Documentation

Post by Void Main » Thu Apr 24, 2003 10:32 pm

I just ran across a humorous item in the syslogd man page (naaa, syslogd? who'da thunk?). Check out step number 5 under the "SECURITY THREATS" section:
SECURITY THREATS
There is the potential for the syslogd daemon to be used as a conduit
for a denial of service attack. Thanks go to John Morrison (jmor-
riso@rflab.ee.ubc.ca) for alerting me to this potential. A rogue pro-
gram(mer) could very easily flood the syslogd daemon with syslog mes-
sages resulting in the log files consuming all the remaining space on
the filesystem. Activating logging over the inet domain sockets will
of course expose a system to risks outside of programs or individuals
on the local machine.

There are a number of methods of protecting a machine:

1. Implement kernel firewalling to limit which hosts or networks
have access to the 514/UDP socket.

2. Logging can be directed to an isolated or non-root filesystem
which, if filled, will not impair the machine.

3. The ext2 filesystem can be used which can be configured to limit
a certain percentage of a filesystem to usage by root only.
NOTE that this will require syslogd to be run as a non-root pro-
cess. ALSO NOTE that this will prevent usage of remote logging
since syslogd will be unable to bind to the 514/UDP socket.

4. Disabling inet domain sockets will limit risk to the local
machine.

5. Use step 4 and if the problem persists and is not secondary to a
rogue program/daemon get a 3.5 ft (approx. 1 meter) length of
sucker rod* and have a chat with the user in question.

Sucker rod def. -- 3/4, 7/8 or 1in. hardened steel rod, male
threaded on each end. Primary use in the oil industry in West-
ern North Dakota and other locations to pump 'suck' oil from oil
wells. Secondary uses are for the construction of cattle feed
lots and for dealing with the occasional recalcitrant or bel-
ligerent individual.

User avatar
Calum
guru
guru
Posts: 1349
Joined: Fri Jan 10, 2003 11:32 am
Location: Bonny Scotland
Contact:

Post by Calum » Fri Apr 25, 2003 4:59 am

did the BOFH write that man page?

X11
guru
guru
Posts: 676
Joined: Sun Jan 19, 2003 11:09 pm
Location: Australia
Contact:

Post by X11 » Tue Jul 08, 2003 1:43 pm

No sorry I didnt write it, it was amusing though.

Oh wait im the MES BTFH (Microsoft Eradication Society Bartsted Troll from Hell) With Moderator priveleges.

I think I should moderate.

Post Reply