A gem from the man pages

[purko]

syslogd( - Linux man page

--------------------------------

[...]

There is the potential for the syslogd daemon to be used as a conduit for a denial of service attack. Thanks go to John Morrison ([email protected]) for alerting me to this potential. A rogue program(mer) could very easily flood the syslogd daemon with syslog messages resulting in the log files consuming all the remaining space on the filesystem. Activating logging over the inet domain sockets will of course expose a system to risks outside of programs or individuals on the local machine.

 

There are a number of methods of protecting a machine:

[...]

4. Disabling inet domain sockets will limit risk to the local machine.

 

5. Use step 4 and if the problem persists and is not secondary to a rogue program/daemon get a 3.5 ft (approx. 1 meter) length of sucker rod* and have a chat with the user in question.

 

* Sucker rod def. - 3/4, 7/8 or 1in. hardened steel rod, male threaded on each end. Primary use in the oil industry in Western North Dakota and other locations to pump 'suck' oil from oil wells. Secondary uses are for the construction of cattle feed lots and for dealing with the occasional recalcitrant or belligerent individual.