Security Basics mailing list archives
RE: Encrypted Automated Session from Windows Mach.?
From: Keith Bucher <kbucher () halomede com>
Date: Thu, 11 Aug 2005 09:09:12 -0700
-------- Original Message -------- Subject: Encrypted Automated Session from Windows Mach.? From: Leo Garcia <steelerborn () yahoo com> Date: Tue, August 09, 2005 7:35 am To: security-basics () securityfocus com Do anyone know of or have a good tool to run an automated encrypted session (SCP,SFTP,Secure Tunnel, etc...) from a Windows box to send event logs to a syslog server. I wrote a script for UNIX but I am not as adversed in DOS in writing scripts ;--(..... Any thoughts are welcome, thanks. L.
If you are just trying to copy the event log files over I would recommend using pscp, part of the putty distribution. http://www.chiark.greenend.org.uk/~sgtatham/putty/ You can create a scheduled task with a command line similar to this: c:\putty\pscp -batch -pw password c:\windows\system32\config\SecEvent.Evt user () server com I would recommend using a single-purpose key. If you are trying to translate the event log events to syslog, there are a list of programs that do this here: http://www.loganalysis.org/sections/syslog/windows-to-syslog/ And a good tutorial on how to use stunnel to encrypt the messages sent to the syslog server. (It is written to be EventReporter specific, but the outlined technique will work with any program.) http://www.monitorware.com/Common/en/Articles/eventlog-stunnel-syslog.php Keith Bucher
Current thread:
- RE: Encrypted Automated Session from Windows Mach.? Keith Bucher (Aug 12)