Re: [loganalysis] Re: Central syslog server best practices?

From: Ed Ravin (eravinat_private)
Date: Thu Aug 16 2001 - 10:09:51 PDT

Next message: Mordechai T. Abzug: "Re: [loganalysis] Logging standards and such"

Previous message: Mordechai T. Abzug: "Re: [loganalysis] Logging standards and such"
In reply to: Mordechai T. Abzug: "Re: [loganalysis] Re: Central syslog server best practices?"
Next in thread: Jeff King: "RE: [loganalysis] Re: Central syslog server best practices?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Mordechai T. Abzug writes:

[on how to get syslog messages or their equivalent to a logging server]

> "cryptcat" (available for both *nix and *doze) encrypts, but doesn't
> authenticate. [...]
> "stunnel" (available for *nix and *doze) will encrypt arbitrary TCP
> data via SSL.

What about setting up a GRE tunnel to the central log server?  At
least then the individual systems could still send their syslog
messages the regular way, via UDP packet, and you'd have some
assurance when the packet arrived that it wasn't spoofed (or at
least it wasn't trivially spoofed :-).

---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribeat_private
For additional commands, e-mail: loganalysis-helpat_private

Next message: Mordechai T. Abzug: "Re: [loganalysis] Logging standards and such"
Previous message: Mordechai T. Abzug: "Re: [loganalysis] Logging standards and such"
In reply to: Mordechai T. Abzug: "Re: [loganalysis] Re: Central syslog server best practices?"
Next in thread: Jeff King: "RE: [loganalysis] Re: Central syslog server best practices?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 16 2001 - 10:19:05 PDT