Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [mosquitto-dev] logcheck warning about reduced log file size

Hi Dominik,

> I just subscribed to the list - thank you very much for this excellent
> MQTT implementation. It works very well.

Thanks and welcome.

> Now I received the following warning:
> *************** This could indicate tampering.
> *** WARNING ***: Log file /var/log/mosquitto/mosquitto.log is smaller
> than last time checked!
> Now I'm wondering whether this may be caused by the logfile rotation
> mechanism (rotation took place within the same period).
> If this is plausible, why do I receive such a warning after half a year
> for the first time?
> If this is not plausible, how could I further track down what happened?

Did you check the contents of the log files to make sure they look
plausible? I think it's very likely it is down to to log rotation but
I can't explain why you wouldn't have seen it before.

> Also, what would be potential ways for gaining unauthorized access
> through mosquitto? Is there a good summary about security and mosquitto?

Mosquitto isn't shy about disconnecting clients that are misbehaving
(sending invalid data). It checks data input and all memory
allocations. Having said that, if you're not using authentication (and
encryption) then anybody could connect if they have the host details.
At that point they are limited by whatever your local clients can do.



Back to the top