Syslogd

    chroot jail

    no UDP by default (DOS attack); must filter if enabled

    Multiple logs

        newsyslog.conf controls secrecy of certain logs

    Daily insecurity report