Bug 574 - Default syslogd behavior of not binding udp/514 isn't true
Summary: Default syslogd behavior of not binding udp/514 isn't true
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: sysklogd
Version: 5.0
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: David Lawrence
QA Contact:
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 1998-12-23 17:27 UTC by beldridg
Modified: 2008-05-01 15:37 UTC (History)
1 user (show)

(edit)
Clone Of:
(edit)
Last Closed: 1999-01-12 23:42:18 UTC


Attachments (Terms of Use)

Description beldridg 1998-12-23 17:27:28 UTC
According to the man page for syslogd,

"The default behavior is that syslogd won't listen to the
network."

Yet, check this out:

[root@gateway init.d]# uname -a
Linux gateway.home.com 2.0.36 #6 Mon Nov 23 13:16:03 PST
1998 i586 unknown
[root@gateway init.d]# cat /etc/issue

Red Hat Linux release 5.0 (Hurricane)
Kernel 2.0.36 on an i586

[root@gateway init.d]# lsof -i -P |grep 514
[root@gateway init.d]# syslogd -v
syslogd 1.3-3
[root@gateway init.d]# rpm -qf `which syslogd`
sysklogd-1.3-25                        (Note: upgraded to
latest RPM)
[root@gateway init.d]# syslogd         (Note: no -r flag
given)
[root@gateway init.d]# lsof -i -P |grep 514
syslogd 4880 root    1u  inet 0x010de810        0t0   UDP
*:514
[root@gateway init.d]# ./syslog stop
Shutting down system loggers: syslogd
[root@gateway init.d]# lsof -i -P |grep 514
[root@gateway init.d]#


Looks like a bug. What do you think?

Comment 1 David Lawrence 1999-01-12 23:42:59 UTC
This is not a bug. Syslogd opens the port when it first starts but it
is not listening to the port. Therefore it is not a security concern.

syslogd   231 root    1u  inet 0x03636810        0t0  UDP *:514


Note You need to log in before you can comment on or make changes to this bug.