Security Basics mailing list archives
RE: Syslog over Internet
From: "DeGennaro, Gregory" <Gregory_DeGennaro () csaa com>
Date: Mon, 18 Aug 2003 10:07:00 -0700
Not a very good idea for two reasons; 1) You could get syslog bombed - a form of DoS. 2) Sensitive information, like IP addresses and DNS (machine)names, are listed in Syslog. 3) I, and others will agree, that security information should stay within the company for many reasons such as confidentiality, easier to access, validity of the logs, and etc. If you have to absolutely do this; make sure to either encrypt the logs or send it over an encrypted tunnel and make sure to hash the logs. However, personally, I would keep this inside or at the very least, to a vendor over an extranet line. Regards, Greg DeGennaro Jr., CCNP Security Analyst -----Original Message----- From: Vineet Mehta [mailto:vineet () linux com kw] Sent: Monday, August 18, 2003 8:00 AM To: security-basics () securityfocus com Subject: Syslog over Internet I have hired a server located in a different country. I heard that its better to log all your syslog messages on a different machine. As i dont have access to any other machine on that network except in my own country. My question is how safe and efficient it is to log Syslogd messages from my server in other country to my server in this country? Is it really safe? is it adviced to do so, of not then why? Any help would be appreticated Reegards, -- Vineet Mehta Network Security Consultant Kuwait Linux Company Kuwait Ph-2412552/2463633 <vineet [at] linux [dot] com [dot] kw> www.linux.com.kw --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Syslog over Internet Vineet Mehta (Aug 18)
- RE: Syslog over Internet David Gillett (Aug 18)
- Re: Syslog over Internet Damian Menscher (Aug 18)
- Re: Syslog over Internet Arturo "Buanzo" Busleiman (Aug 18)
- RE: Syslog over Internet matt willson (Aug 20)
- Re: Syslog over Internet Valter Santos (Aug 20)
- <Possible follow-ups>
- RE: Syslog over Internet Keith T. Morgan (Aug 18)
- RE: Syslog over Internet DeGennaro, Gregory (Aug 18)
- RE: Syslog over Internet DeGennaro, Gregory (Aug 19)
- Re: Syslog over Internet Eric Nelson (Aug 20)