[Dshield] dshield for di-808hv using linux client

Brenden Walker BKWalker at drbsystems.com
Thu Mar 26 13:03:56 GMT 2009


> -----Original Message-----
> From: list-bounces at lists.sans.org [mailto:list-bounces at lists.sans.org]
> On Behalf Of Greg White
> Sent: Wednesday, March 25, 2009 11:26 AM
> Subject: [Dshield] dshield for di-808hv using linux client
>
> I have a D-Link DI-808HV whose logs I want sent to dshield.
> The latest firmware doesn't have a built-in dshield client,
> bad d-link.  I see there is a windows client for this unit,
> but I don't want to leave my power hungry PC on all the
> time.  My plan was to build a tiny Linux based device to
> receive the logs from the router via syslog and then have
> the logs sent to dshield from the device.  Marvell seems to
> have read my mind and is coming out with a wallplug size
> device that runs linux, uses 5 watts, and is cheap.
>
> I was looking at the list of Linux and UNIX DShield Clients
> and I am not sure which one will meet my needs.  Is my plan
> workable or is there something I am not considering?  Which
> client will work for me?

I think it mostly will depend on what format the syslog data comes in. The plan sounds reasonable, I too have noticed the wallplug device.. just can't think of a use for it yet ;-)





More information about the Dshield mailing list