Hi Tom, Isn't syslog-sign still on early design? We do plan to support it eventually on msyslog, but in a generic way. It wouldn't be my #1 choice. I'd use some L-PEO way of protection with a sequence, thus using the same protection in the host (even after administrator log tampering), transport (integrity, anti-reply, etc) and storage (same goals). Also, I wouldn't forward logs through network as plaintext, it could tell critical data to an attacker or could, on some crypto channel configurations, help a known-plaintext attack (ie. logs get later forwarded with a VPN). I guess syslog-ng people are working up something right now. Cheers, Alejo Tom Perrine wrote: > > We're starting a new development project for a high-performance syslog > that will also be compatible with the syslog-reliable and syslog-sign > drafts. > > I'd like to find some alternate implementations to test against for > interoperability. > > Any suggestions for any syslogs that support these? > > --tep -- Alejo Sanchez - Developer mailto:alejo@core-sdi.com Core SDI S.A. http://www.alejo.com.ar --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Sat Oct 13 2001 - 09:20:54 PDT