17 Feb
2000
17 Feb
'00
6:28 p.m.
kent@unit.liu.se (Kent Engström) writes:
Everything worked fine until I decided to portscan the syslog server. When I did a UDP scan, syslog-ng stopped logging. This is what happens:
*) I execute "nmap -p 514 -sU xxx.yyy.zzz.www" on a Linux box
Using options "-v" and "-d", I catch the following: Read EOF on fd 3. Marking fd 3 for closing. Closing fd 3. It appears that libol is the culprit here. It assumes that a returned read length of 0 means end of file, as when reading from a file or a TCP connection. -- Kent Engström, Linköping University Incident Response Team kent@unit.liu.se abuse@liu.se +46 13 28 1744 UNIT, Linköping University; SE-581 83 LINKÖPING; SWEDEN