Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Centralizing logs throug internet

From: "Shain Singh" <shain.singh () aapt com au>
Date: Thu, 16 Nov 2006 12:33:05 +1100
Nicolas Arias wrote:



Quick question, i have a few web servers facing internet, 

that are only

accesible throug that net. I want to point the logs from 

those boxes to

my syslog server, but i want to have some kind of 

encryption. The thing

is that in those boxes i have syslogd, and at my central box i have
syslog-ng. Migrating syslogd to syslog-ng is not an option.

So, ssh tunnels are out of order since syslogd only "talks" udp.


Are the webservers multi-homed so that you have a "management network" to
reach your syslog server? You could run it through a L2TP session. 
The implementation would be something similar to how ISPs get RADIUS data
from their upstream LNSes. Using this method at least you know that
everything is initiated via the webserver to a dedicated termination point
for your syslog server and once the tunnel is established you can run your
traffic through it.


--
Shaineel Singh
MakePeace Media LTD
 
http://mpm.org.au/shsingh
pgp id:  0xA9D8D351
fp: 38 0D A8 C8 74 A2 33 5E CE 0E 5A FA D5 A0 04 7C
 
This message was written entirely with recycled electrons.


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: