>Another thing to consider would be to "pull" the logs from the machines to >the logserver, rather than "pushing" them. There's a fairly simple toy I wrote for a secure programming class about a zillion years ago called get/put - it does encrypted/authenticated (non public key, tho..) file transfers and includes chrooting and a notion of an anonymous (unencrypted) put - you can set up a get/put server and just have everything get anonymously put into a chrooted zone and you'll be just fine. The code is on http://www.ranum.com/pubs you need an old libdes library to build it; I am upgrading the crypto to AES/SHA-1 in the not too distant future because I am actually using get/put for transferring files to/from the HotZone honeypot. mjr. --- Marcus J. Ranum Chief Technology Officer, NFR Security, Inc. Work: http://www.nfr.com Personal: http://www.ranum.com --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Mon Feb 18 2002 - 13:07:22 PST