On Tuesday 05 November 2002 03:30 T, Gino Pietro Guidi wrote: > I have recently came across an article that described secure > logging using snort. Basically snort was configured to dump the > contents of all syslog packets sent to a fake ip. Then that ip was > set up as the loghost ip on the remote hosts. With this > configuration, in theory, you wouldn't be able to hack into it > provided the snort box had no ip's on ANY interface and simply > listened. It was interesting but I haven't gotten around to trying > it yet. It sounds pretty strong to me though. I think it was in > Linux Journal that I read about it. I could probably find the > reference if anyone is interested... > The article is a Linux Journal: http://linuxjournal.com/article.php?sid=6222 I am reading it know and it sound interesting. -- cYa John Don't give up. DON'T EVER GIVE UP!!! "Jimmy V" ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Nov 06 2002 - 08:58:21 PST