[ISN] Next Generation Secure Remote Log Servers over TCP

From: InfoSec News (isnat_private)
Date: Mon Jun 10 2002 - 03:10:07 PDT

  • Next message: InfoSec News: "[ISN] Hackers unlocking Norway's history"

    Forwarded from: Dave Wreski <daveat_private>
    Flying Pigs: Snorting Next Generation Secure Remote Log Servers over
    TCP By Eric "Loki" Hines for LinuxSecurity.com
    A Comprehensive Guide to Building Encrypted, Secure Remote Syslog-ng
    Servers with the Snort Intrusion Detection System
    The precursor to this article, Creating Secure Remote Log Servers, was
    the first in a series of papers focused on walking readers through
    configuring and deploying secure remote log servers. This second paper
    in the series offers a much more robust alternative to first
    generation SYSLOG servers; providing a much more reliable remote
    logging facility that is effective for use within Honeynets
    (http://project.honeynet.org) and Intrusion Detection System
    deployments. Remote log servers can provide centralized logging
    capability for IDS' spread across large network environments. I have
    proposed this approach for centralized logging in large IDS
    deployments on government networks that typically consist of multiple
    CLASS A networks.
    Dave Wreski
    Corporate Manager                           Guardian Digital, Inc.
    (201) 934-9230                Pioneering.  Open Source.  Security.
    daveat_private            http://www.guardiandigital.com
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Mon Jun 10 2002 - 06:11:03 PDT