From owner-freebsd-security Wed Apr 5 11:10:58 2000 Delivered-To: freebsd-security@freebsd.org Received: from toaster.sun4c.net (toaster.sun4c.net [63.193.27.6]) by hub.freebsd.org (Postfix) with ESMTP id 0931937BB24 for ; Wed, 5 Apr 2000 11:10:56 -0700 (PDT) (envelope-from andre@toaster.sun4c.net) Received: (from andre@localhost) by toaster.sun4c.net (8.9.3+openldap/8.9.3) id LAA03845; Wed, 5 Apr 2000 11:10:51 -0700 (PDT) Date: Wed, 5 Apr 2000 11:10:51 -0700 From: Andre Gironda To: goten@linux.sduteam.com Cc: security@freebsd.org Subject: Re: Queston on secure syslogd Message-ID: <20000405111051.A3830@toaster.sun4c.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95i In-Reply-To: ; from goten@linux.sduteam.com on Wed, Apr 05, 2000 at 11:26:44AM -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I always use the syslogd flags "-ss" except when I have a syslog server on a backhaul firewalled network. Over the Internet, I'd be more likely to use scp, rsync, or CVSup even though I should probably use something better like IPSec or SNMPv3. There have got to be 4 million different ways to solve your problem. dre On Wed, Apr 05, 2000 at 11:26:44AM -0700, goten@linux.sduteam.com wrote: > Ok, I am just wondering if there is any secure alternative for syslogd. > Since I want to send the log file via TCP/IP over the Internet, using > @1.2.3.4 in syslogd.conf is not secure enough if that IP is not on the > LAN. > > I have tried to use nsyslogd, but the SSL not seems to be working > right. I can use Snort -dvC to read all the content in clear text when > nsyslogd send message thru UDP port 514. Any suggestions? > > rgd, > Derek > > ps. I have tried ssyslogd also, it won't even compile on FreeBSD 4.0. -- This program has been brought to you by the language C and the number F. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message