Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'A replacement for OS X's syslog utility' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
A replacement for OS X's syslog utility
Authored by: djdawson on Jul 04, '07 11:50:52AM

I know this is an old hint, but I'd thought I'd clarify on the issue with TCP syslogging to Cisco PIX devices. If a Cisco PIX firewall is configured to use TCP syslogging, it will stop forwarding all traffic if it can't connect to the configured syslog server. This is a security feature, the thinking being that if an attacker were trying to cover his tracks by taking down the syslog server, then the more secure behavior is to stop all traffic in case the PIX is in the path of the attacker's traffic. So, unless you know you have a very reliable syslog server, don't use the TCP syslog feature in a Cisco PIX firewall unless you're willing to accept this behavior.



[ Reply to This | # ]