[Dshield] Remote logging via syslogd
mark.rowlands at mypost.se
Mon Sep 29 17:59:00 GMT 2003
> -----Original Message-----
> From: list-bounces at dshield.org
> [mailto:list-bounces at dshield.org] On Behalf Of Jon R. Kibler
> Sent: Monday, September 29, 2003 4:26 PM
> To: list at dshield.org
> Subject: [Dshield] Remote logging via syslogd
> We are remotely managing a couple of Sparc boxes. We want to
> do centralized logging, where syslogd on the remote systems
> logs to our local log server. This is essentially a
> brain-dead configuration, if we want to do logging over the
> Internet in plain text. In fact, we tested the configuration
> and it worked first time.
> However, logging in plain text will not cut it -- too much
> information is leaked for this to work in a production
> environment. What we really want to do is to route the remote
> logs through a secure tunnel. We were thinking this was the
> perfect job for stunnel, until we remembered that stunnel
> doesn't support UDP.
> Any thoughts on an easy way to do real-time secure remote
> logging between Sparc boxes?
More information about the list