XML, yes; HTTPS, no. Why not https? Why not SSH tunnels? 1) SSH Tunnels are more simple to setup. 2) SSH is more widely available (i.e. more likely to exist on a wider range of systems) 3) SSH isn't bound to the antiquated standards of data transfer that are imposed by HTTPS. Yes, implementing a read/write packet-level protocol won't be as easy to implement, but it could prove to be faster and more portable. Am I vexed on re-inventing the wheel? no. Do I think https is a *bad* idea? no, just not a *good* idea. Just my $0.02. -C Corey J. Steele, Security Analyst Good Samaritan Society e-mail: csteele@good-sam.com voice: (605) 362-3899 >>> <edward.j.sargissonat_private> 08/14/01 06:19PM >>> Oh, I agree. It almost certainly should be in XML. However, we would still need to define a useful DTD. The HTTPS idea is a good one - although are there not processor overhead issues we need to worry about? Edward Michiel van der Kraats <michielat_private> on 15/08/2001 10:21:10 Please respond to michielat_private To: Edward J Sargisson/NZ/MCS/PwC@AsiaPac cc: loganalysisat_private Subject: Re: [loganalysis] Logging standards and such edward.j.sargissonat_private wrote: > > Why don't we have a look at defining a common logging standard ourselves? > We could then write little adaptors which hook into the custom formats and > spit out our common standard. On top of that we can write standard parsing > engines that can look at all the traffic and pass it through to standard > interface tools (e.g. GUI or mail). > > What do you think? > Without sounding like a zealot, maybe using XML for something like this is a good idea? Tools are easy enough to come by (Perl et al), It's standardized, self-descriptive and easily extendable. We could use https as a secure transport to a central logging server. -- Michiel van der Kraats ---------------------------------------------------------------- The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Wed Aug 15 2001 - 15:40:30 PDT