RSH and Syslog port

From: gladston@br.ibm.com
Date: Mon Aug 22 2005 - 09:29:50 GMT-3

• Next message: Ali.Huang: "Re: GRE Tunnel always down"
• Previous message: Scott Morris: "RE: GRE Tunnel always down"
• Next in thread: Thomwin Chen: "Re: RSH and Syslog port"
• Maybe reply: Thomwin Chen: "Re: RSH and Syslog port"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

Port 514 TCP is RSH.

Port 514 UDP is Syslog.

IOS shows Syslog as an option for tcp port 514

Rack2R5(config)#access-list 108 permit tcp a a eq ?
  syslog Syslog (514)

Is there any change I am not aware of?

====================
quoted
 In the past, the custom was to allocated each type of port independently, so port 514/tcp belongs to the remote shell (rsh) and 514/udp is used by the system logger (syslogd)
=====================

====================
quoted
Port 514 syslog, rsh

    (UDP) Receives incoming 'syslog' messages and logs them to a database. The 'syslogd' is one of the more important daemons running on a UNIX host. A common hacker technique is to flood messages at the syslog daemon in hopes to fill up its queue. Client ports are both above and below port 1023.

    (TCP) rsh (remote shell) sends a command to a shell on the remote machine and receives the stderr and stdout from it.

http://www.iss.net/security_center/advice/Exploits/Ports/514/default.htm
======================

• Next message: Ali.Huang: "Re: GRE Tunnel always down"
• Previous message: Scott Morris: "RE: GRE Tunnel always down"
• Next in thread: Thomwin Chen: "Re: RSH and Syslog port"
• Maybe reply: Thomwin Chen: "Re: RSH and Syslog port"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:19 GMT-3