Harry Hoffman wrote:
>
> Hi Jason,
> We are using syslog-ng and stunnel to accomplish this.
> We pump everything from the client over a secure tunnel
> into our syslog server.

This is from your dmz to your internal network?

stunnel? Talk about exposing heaps of functionality.
You've gone from exposing a couple of hundred lines of simple
message processing to hundreds of _thousands_ of lines of
crypto code.

Unless you have a very compelling reason for attempting to
protect the boxes in the dmz from tampering with each other's
log streams (because stunnel certainly doesn't prevent an
intruder on Box A from tampering with the stream from Box A,
or from attacking the message processing layer on the inside
log receiver), I'd remove stunnel and just go with plain
transport.

--
Mikael Olsson, Clavister AB
Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
Phone: +46 (0)660 29 92 00
Mobile: +46 (0)70 26 222 05
Fax: +46 (0)660 122 50
WWW: http://www.clavister.com

_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Mon Jan 20 2003 - 15:08:28 PST