[Snort-users] Win32 Port and Syslog
mike at ...92...
Sat Nov 25 01:08:55 EST 2000
-----BEGIN PGP SIGNED MESSAGE-----
> Take into consideration that there are also syslog-servers that
> allow you to specify the listening port yourself. So the server
> port should probably configurable.
Well according to my FreeBSD syslogd:
ipaddr/masklen[:service] Accept datagrams from ipaddr
usual dotted quad notation)
masklen bits being taken
when doing the address
If specified, service is the
number of an UDP service
services(5)) the source
belong to. A service of `*'
packets being sent from any
The default service is
missing masklen will be
by the historic class A or
netmasks if ipaddr belongs
address range of class A or
spectively, or by 24
This is why I asked if the PORT should be the PORT the UDP packet is
I agree if you Gregor, although, I am not sure how most people
implement their syslog servers.
If no one else speaks up then I will make the PORT the port on the
remote syslog server.
Chief Technical Officer
Data Nerds, LLC.
> Gregor Binder <gbinder at ...462...>
> http://www.sysfive.com/~gbinder/ sysfive.com GmbH UNIX.
> Networking. Security. Applications. Gaertnerstrasse 125b, 20253
> Hamburg, Germany TEL +49-40-63647482
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
-----END PGP SIGNATURE-----
More information about the Snort-users