System Log Flood contents.gifindex.gif

System Log Flood

The scanner generates enough entries within the firewall logs to fill them up and shut the firewall down. This vulnerability can result from poor firewall design, too small of a partition allocation, or the firewall log configuration. The scanner sends UDP Packets to the Syslog Port in an attempt to fill up the allocated partition and bring the target machine down.

Risk: Low

Fix: If you are not using remote logging, turn remote logging off in your syslog daemon.