[1935] in linux-security and linux-alert archive
[linux-security] syslogd communication
daemon@ATHENA.MIT.EDU (Radovan Semancik)
Tue Jun 23 17:10:30 1998
Date: Tue, 23 Jun 1998 10:48:35 +0200
From: Radovan Semancik <semancik@alert.sk>
To: linux-security@redhat.com
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com
> Second, why don't you implement a "black box" log system ?
> That's all log generated by all hosts on your network is forwarded
> to a separate log machine called black box. Such computer grants
> no access to anybody whatsoever except for user "root" logging in on
> the console.
How to set up a secure "black-box"? AFAIK, syslogd communication is not
authenticated/encrypted, so it is vulnerable to
spoofing/forging/eavesdropping/etc.
Could IPsec be used for protecting syslogd communication? What other
means of protection are there? Are any of these means usable for all UNIX
hosts?
--
Radovan Semancik (semancik@alert.sk)
http://storm.alert.sk