Next Generation Secure Remote Log Servers over TCP

[InfoSec News <isn () c4i org>]

Forwarded from: Dave Wreski <dave () guardiandigital com>

Flying Pigs: Snorting Next Generation Secure Remote Log Servers over
TCP By Eric "Loki" Hines for LinuxSecurity.com

A Comprehensive Guide to Building Encrypted, Secure Remote Syslog-ng
Servers with the Snort Intrusion Detection System

The precursor to this article, Creating Secure Remote Log Servers, was
the first in a series of papers focused on walking readers through
configuring and deploying secure remote log servers. This second paper
in the series offers a much more robust alternative to first
generation SYSLOG servers; providing a much more reliable remote
logging facility that is effective for use within Honeynets
(http://project.honeynet.org) and Intrusion Detection System
deployments. Remote log servers can provide centralized logging
capability for IDS' spread across large network environments. I have
proposed this approach for centralized logging in large IDS
deployments on government networks that typically consist of multiple
CLASS A networks.

http://www.linuxsecurity.com/feature_stories/snortlog-part1.html

-- 
Dave Wreski
Corporate Manager                           Guardian Digital, Inc.
(201) 934-9230                Pioneering.  Open Source.  Security.
dave () guardiandigital com            http://www.guardiandigital.com



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.