Hosting Provided By

Re: Remote Syslogd

From: Jason Haar <Jason.Haar(at)trimble.co.nz>
Date: Wed Nov 06 2002 - 21:16:45 EST

On Mon, Nov 04, 2002 at 07:30:37PM -0800, Gino Pietro Guidi wrote:
> I have recently came across an article that described secure logging

Sounds like passlogd: a syslog server sniffer that simply logs any syslog records it sees in promiscous mode.

Could be perfect for an IDS :-)

[Note: I had a look at it some time ago and there were bugs which stopped me using it. Pity - the idea is sound]

-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1

-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: 
http://aris.securityfocus.com

Received on Thu Nov 7 07:25:31 2002

This message: [ Message body ]
Next message: Chris Mawer: "Win32 Port of TAR"
Previous message: Martin Maèok: "Re: Remote Syslogd"
In reply to Gino Pietro Guidi: "RE: Remote Syslogd"
Next in thread: James Lee Bell: "Re: Remote Syslogd"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:41 EDT