Firewall Wizards mailing list archives

Re: SCADA


From: "Marcus J. Ranum" <mjr () ranum com>
Date: Tue, 14 Apr 2009 11:27:55 -0500

Brian Loe wrote:
> We have a data logger system
> that needs to be able to talk to both networks, it's in a DMZ with TWO
> firewalls between the corporate network and the control network.

BTW - I know your data logging application is not syslog, but - in
case the problem ever comes up for someone on this list, I've published
the source for "plog" on my website. It's in my code archives on:
http://www.ranum.com/security/computer_security/code/
"Plog is a promiscuous syslog listener. It sucks UDP syslog packets up off a network, rips the message screaming and kicking out of the packet body, and stuffs it into /dev/log. This program supports a bare minimum of options. Be very careful you do not use plog to inject messages into a syslog server that forwards the messages to a loghost over a network! It will hurt! (the good news is you'll get lots of log messages..)"

Oddly, plog works faster than regular UDP syslog on some systems,
because the bpf implementations are sometimes faster than the UDP
stack.

mjr.
--
Marcus J. Ranum         CSO, Tenable Network Security, Inc.
                        http://www.tenablesecurity.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
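
An added example, not part of the original post and not plog's source: a C sketch of the step the quoted description covers, pulling the syslog message out of an already-captured Ethernet frame and handing it to the local syslogd. The function names, the constructed sample frame, the use of syslog(3) as a stand-in for writing to /dev/log, and the source-address guard (one reading of the forwarding warning) are all assumptions.

```c
#include <stddef.h>
#include <string.h>
#include <syslog.h>

/* Constructed frame: Ethernet + IPv4 + UDP 12345->514 + "<34>sshd: fail"; checksums zero. */
const unsigned char sample_frame[] = {
    0,0,0,0,0,2, 0,0,0,0,0,1, 0x08,0x00,
    0x45,0,0,42, 0,0,0,0, 64,17,0,0, 10,0,0,1, 10,0,0,2,
    0x30,0x39, 0x02,0x02, 0,22, 0,0,
    '<','3','4','>','s','s','h','d',':',' ','f','a','i','l'
};

/* Returns 0 and sets pri/msg/msglen if the frame is an unfragmented IPv4 UDP
 * datagram to port 514, else -1. A missing <PRI> defaults to user.notice. */
int extract_syslog(const unsigned char *f, size_t len, int *pri,
                   const unsigned char **msg, size_t *msglen)
{
    if (len < 14 + 20 + 8 || f[12] != 0x08 || f[13] != 0x00) return -1;
    const unsigned char *ip = f + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    size_t iplen = ((size_t)ip[2] << 8) | ip[3];
    if ((ip[0] >> 4) != 4 || ihl < 20 || ip[9] != 17) return -1;
    if (((ip[6] & 0x3f) | ip[7]) != 0) return -1;    /* MF set or offset != 0 */
    if (iplen < ihl + 8 || iplen > len - 14) return -1;
    const unsigned char *udp = ip + ihl;
    size_t ulen = ((size_t)udp[4] << 8) | udp[5];
    if (udp[2] != 0x02 || udp[3] != 0x02) return -1; /* dport 514 = 0x0202 */
    if (ulen < 8 || ulen > iplen - ihl) return -1;
    const unsigned char *p = udp + 8;
    size_t n = ulen - 8, i = 1;
    int v = 0;
    *pri = LOG_USER | LOG_NOTICE;
    if (n >= 3 && p[0] == '<') {
        while (i < n && i < 4 && p[i] >= '0' && p[i] <= '9') v = v * 10 + (p[i++] - '0');
        if (i > 1 && i < n && p[i] == '>' && v <= 191) { *pri = v; p += i + 1; n -= i + 1; }
    }
    *msg = p; *msglen = n;
    return 0;
}

/* Hand one sniffed frame to the local syslogd; returns 1 if logged, 0 if skipped. */
int relay(const unsigned char *f, size_t len, const unsigned char own_ip[4])
{
    int pri; const unsigned char *m; size_t n;
    if (extract_syslog(f, len, &pri, &m, &n) != 0) return -1;
    if (memcmp(f + 26, own_ip, 4) == 0) return 0;    /* assumed loop guard: our own source address */
    syslog(pri, "%.*s", (int)n, (const char *)m);
    return 1;
}
```

The guard only helps if the local syslogd forwards from an address listed as `own_ip`; checksums are not verified, so a capture filter in front of this should already restrict what reaches it.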

