Security Basics mailing list archives
Re: Syslog over Internet
From: Eric Nelson <en () megahosted com>
Date: Wed, 20 Aug 2003 16:25:36 -0700
Remote logging is always a good idea. A partner of mine wrote up a good howto on setting up syslog-ng and stunnel loghosting. You should also be able to set iptables rules to combat DOS attempts. On Tue, Aug 19, 2003 at 08:18:04AM -0700, DeGennaro, Gregory wrote:
TCP would be better than UDP be the logs are still in plain text and to me that is way too risky without encryption of some sort, whether tunnel or the text file itself, or an extranet line. Regards, Greg DeGennaro Jr., CCNP Security Analyst -----Original Message----- From: Arturo "Buanzo" Busleiman [mailto:buanzo () buanzo com ar] Sent: Monday, August 18, 2003 2:49 PM To: Damian Menscher Cc: Vineet Mehta; security-basics () securityfocus com Subject: Re: Syslog over Internet And we should not forget about NOT USING UDP for this. TCP would make a better transport. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
-- Eric Nelson <en () megahosted com> http://www.megahosted.com/~en/ GPG-key: C4AB5707 Fingerprint: 9E50 D5C2 2B02 A944 1A28 5CA5 366A 0294 C4AB 5707 --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Syslog over Internet Vineet Mehta (Aug 18)
- RE: Syslog over Internet David Gillett (Aug 18)
- Re: Syslog over Internet Damian Menscher (Aug 18)
- Re: Syslog over Internet Arturo "Buanzo" Busleiman (Aug 18)
- RE: Syslog over Internet matt willson (Aug 20)
- Re: Syslog over Internet Valter Santos (Aug 20)
- <Possible follow-ups>
- RE: Syslog over Internet Keith T. Morgan (Aug 18)
- RE: Syslog over Internet DeGennaro, Gregory (Aug 18)
- RE: Syslog over Internet DeGennaro, Gregory (Aug 19)
- Re: Syslog over Internet Eric Nelson (Aug 20)