From the man page
syslogd(8):
Code:
-u Select the historical ``insecure'' mode, in which syslogd will
accept input from the UDP port. Some software wants this, but
you can be subjected to a variety of attacks over the network,
including attackers remotely filling logs.
And:
Code:
syslogd opens an Internet domain socket as specified in /etc/services.
Normally syslogd will only use this socket to send messages outwards, but
in ``insecure'' mode it will also read messages from this socket....