Date:      Fri, 8 Sep 95 12:48:38 METDST
From:      marino.ladavac@aut.alcatel.at
To:        piero@strider.ibenet.it
Cc:        security@freebsd.org
Subject:   Re: Do we *really* need logger(1)?
Message-ID:  <9509081048.AA06504@atuhc16.aut.alcatel.at>
In-Reply-To: <199509081026.MAA22658@strider.ibenet.it>; from "Piero Serini" at Sep 8, 95 12:26 (noon)

> Hello.

> Quoting from Andrew V. Stesin (Thu Sep  7 19:07:26 1995):
> > 	(b) Optional encryption capability for the messages,
> > 	    using the system-wide libcrypt facility;
> > 	    even very simple one will be good, with parameters stored in
> > 	    /etc/syslog.conf. Better than nothing, really.

> Use the root passwd on the originating machine to encrypt the logs
> sent via network.

>                +----+                   +----+
>                | A  | ---- logs to ---> | B  |
>                +----+                   +----+

> syslogd on A uses its root passwd to encrypt the data, B just stores
> it. 2 possible scenarios:

> 1) B is the central repository for all the logs in the network.
>    It's common practice that the staff on B knows the root passwd
>    for all the network machines;
> 2) B is another machine which stores the logs, but the staff hasn't
>    the root passwd. In this situation, B receives logs already encrypted
>    regarding a machine they don't have root access to, so they probably
>    have no need to read the data. If A system manager wants to read
>    its own logs, (s)he has the root passwd to do that.

> Comments?

Better yet, use the password to authenticate the sent data, so that the
central server can easily ignore possibly malicious foreign logs.  This
way one can fight against port 154 or logger attack on the logfiles.

/Alby

> Bye,
> --
> #        $Id: .signature,v 1.12 1995/08/14 12:10:54 piero Exp $
> Piero Serini                                            Via Giambologna, 1 
> <Piero@Free.IT>                                     I 20136 Milano - ITALY
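
The authentication idea from the reply above, as an added example that is not code from this thread or from any syslogd: machine A tags each log line with an HMAC keyed from a shared password, and collector B drops anything whose tag does not verify. The function names, the `host|seq|msg|tag` line format, the PBKDF2 key derivation and the sequence-number replay check are all assumptions made for this example.

```python
import hashlib
import hmac


def derive_key(password, host):
    # Assumption: stretch the shared password into a MAC key with PBKDF2.
    # Salting with the host name gives each sending machine its own key.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), host.encode(), 100_000)


def seal(key, host, seq, msg):
    """Sender side (machine A): append an HMAC-SHA256 tag to one log line."""
    body = f"{host}|{seq}|{msg}"
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{tag}"


class Collector:
    """Receiver side (machine B): keep only lines whose tag verifies."""

    def __init__(self, keys):
        self.keys = keys        # host name -> MAC key
        self.last_seq = {}      # host name -> highest sequence number accepted
        self.accepted = []      # (host, seq, msg) tuples that passed every check

    def receive(self, line):
        try:
            body, tag = line.rsplit("|", 1)
            host, seq_text, msg = body.split("|", 2)
            seq = int(seq_text)
        except ValueError:
            return False        # untagged or malformed line, e.g. plain logger output
        key = self.keys.get(host)
        if key is None:
            return False        # no key registered for the claimed host
        expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
        # Constant-time comparison; bytes operands also tolerate non-ASCII input.
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            return False        # forged or altered in transit
        if seq <= self.last_seq.get(host, -1):
            return False        # replay of a line that was already accepted
        self.last_seq[host] = seq
        self.accepted.append((host, seq, msg))
        return True
```

The tag gives B a way to discard foreign lines without being able to read anything it could not read before; the messages themselves still travel in the clear.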



