Firewall Wizards mailing list archives

Re: PIX firewall logging on linux using syslog


From: 1337 h4x0r <scouser () paradise net nz>
Date: 11 Sep 2002 00:00:05 +1200

Syslog is a fine tool
however there are better options these days.
I like syslog-ng, it has many useful features particularly if you are in
a busy/important network (aren't we all).
You can log using TCP rather than UDP (don't you just love UDP dropping
packets when its buffers are full during, say, a nice DDoS!), it has
better and more flexible filtering rules, etc.
Easy logging to databases rather than flat files (e.g. MySQL), although I
have not tried this myself it sounds useful. (speed of logging and also
flexible querying)
There is coming support for message integrity and encryption!
And last but not least it is a great deal more stable than syslogd, which
I have found to be a bit flaky in the past (mainly on Sun hardware ;-)

Your mileage as ever may vary and there are other good products out there
(I just haven't tried 'em ;-)

James

On Tue, 2002-09-10 at 03:24, baxter wrote:
I have had different types of trouble doing logging on NT and am aware of
the utilities available for doing logging on Windows-based machines, but I
would like to do my logging on a slackware linux box.  I'm wondering if
anyone uses linux for logging and if so if they use the linux syslog daemon
or another package.  Any suggestions on editing the syslog.conf for this
type of usage would be appreciated.


Joe Baxter
Assistant Network Administrator
SUNY College at Fredonia
Fredonia, NY 14063
(716) 673-4712
baxter () fredonia edu

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
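
A syslog-ng configuration along the lines discussed in this thread, with the UDP listener beside the TCP one. This is an added example, not part of the original messages; the firewall address 192.0.2.1, the TCP port 1468 and the log path are constructed placeholders, and the port must match whatever the firewall is set to send to.

```conf
# Added example: collect firewall syslog on a Linux box with syslog-ng.
# Addresses, port and paths below are constructed placeholders.

options {
    create_dirs(yes);     # create /var/log/pix/ on first write
    use_dns(no);          # no DNS lookups per message, so a flood cannot stall on resolution
    keep_hostname(no);    # record the sender's address, not the host field inside the message
};

# Classic transport: UDP/514. Datagrams are silently lost when the
# receive buffer fills, which is the failure mode described above.
source s_udp { udp(ip(0.0.0.0) port(514)); };

# TCP listener: the sender sees back-pressure instead of silent loss.
# max-connections caps how many senders may hold a connection open.
source s_tcp { tcp(ip(0.0.0.0) port(1468) max-connections(10)); };

# Accept only messages that arrive from the firewall's address.
filter f_pix { netmask(192.0.2.1/255.255.255.255); };

# One file per day, readable by root and the owning group only.
destination d_pix {
    file("/var/log/pix/$YEAR-$MONTH-$DAY.log" perm(0640));
};

log { source(s_udp); source(s_tcp); filter(f_pix); destination(d_pix); };
```

Once the firewall is confirmed to be sending over TCP, the s_udp source can be dropped from the log statement so that spoofable UDP datagrams are no longer accepted.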


