Which approach is intended to prevent exploits that target syslog?
- Use syslog-ng.
- Use a Linux-based server.
- Use a VPN between a syslog client and the syslog server.
- Create an ACL that permits only TCP traffic to the syslog server.
| Answers Explanation & Hints:
Hackers may try to block clients from sending data to the syslog server, manipulate or erase logged data, or manipulate the software used to transmit messages between the clients and the server. Syslog-ng is the next generation of syslog and it contains improvements to prevent some of the exploits. |