
Closing port 514/UDP syslog

 
SOLVED
Les Warden
Occasional Contributor


I'm locking down our HP-UX 11.0 DNS caching servers. I have syslog messages going to an external machine. These *field* machines will NOT be collecting syslog messages from outside sources (just sending). Can I turn off port 514/udp without affecting syslog messages going out? If so, suggestions? Thanks in advance.
2 REPLIES
Ron Kinner
Honored Contributor
Solution

Re: Closing port 514/UDP syslog

Look at:

http://people.hp.se/stevesk/bastion11.html

They recommend:

Prevent syslogd from listening on the network.
PHCO_21023 can be installed which adds a -N option to syslogd to prevent it from listening on the network for remote log messages. After installing this patch, edit /sbin/init.d/syslogd and modify the line that starts syslogd to be /usr/sbin/syslogd -DN.


There are a lot of other tips on tightening up your security in the article.

Ron
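
A way to verify the change described in the reply above, as an added example that is not part of the original thread or the linked article. It assumes the start line in /sbin/init.d/syslogd begins with /usr/sbin/syslogd and that `netstat -an` prints the local address in the fourth column; the function names are made up for this sketch.

```shell
#!/bin/sh
# Added example: check that syslogd is started with -N and that no UDP
# socket is bound to port 514. Function names are hypothetical.

# Reads `netstat -an` output on stdin.
# Returns 0 if a UDP socket is bound to local port 514, 1 otherwise.
udp514_bound() {
    awk '
        tolower($1) ~ /^udp/ {
            # Local address looks like "*.514" or "0.0.0.0:514";
            # the port is the last component after "." or ":".
            n = split($4, parts, /[.:]/)
            if (parts[n] == "514") found = 1
        }
        END { exit (found ? 0 : 1) }
    '
}

# $1 = path to the init script.
# Returns 0 only if every line that starts /usr/sbin/syslogd passes an
# option cluster containing N (for example -DN), 1 otherwise.
syslogd_started_with_N() {
    awk '
        $1 == "/usr/sbin/syslogd" {
            seen = 1; ok = 0
            for (j = 2; j <= NF && $j ~ /^-/; j++)
                if ($j ~ /N/) ok = 1
            if (!ok) bad = 1
        }
        END { exit ((seen && !bad) ? 0 : 1) }
    ' "$1"
}

# Runs both checks on the local host and reports the result.
check_host() {
    rc=0
    if syslogd_started_with_N /sbin/init.d/syslogd; then
        echo "OK: init script starts syslogd with -N"
    else
        echo "FAIL: init script does not start syslogd with -N"; rc=1
    fi
    if netstat -an | udp514_bound; then
        echo "FAIL: a UDP socket is still bound to port 514"; rc=1
    else
        echo "OK: nothing bound to UDP port 514"
    fi
    return $rc
}

if [ "${1:-}" = "--check" ]; then check_host; exit $?; fi
```

Run it with `--check` after restarting syslogd, then confirm on the external log host that messages from this machine still arrive.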
K.Vijayaragavan.
Respected Contributor

Re: Closing port 514/UDP syslog

The syslogd service may be denied for remote networks / servers by adding the entry
"syslogd deny /" to the file "/var/adm/inetd.sec".

Run the command "# inetd -c" to put the changes into effect.

With the above approach you will be able to use UDP port 514 for sending any syslog messages, but may not be able to get anything through this port.

But I haven't tried it practically. Hope this may help you.

-Vijay
"Let us fine tune our knowledge together"