Next Generation Secure Remote Log Servers over TCP (LinuxSecurity.com)

From:	 InfoSec News <isn@c4i.org>
To:	 isn@attrition.org
Subject: [ISN] Next Generation Secure Remote Log Servers over TCP
Date:	 Mon, 10 Jun 2002 05:10:07 -0500 (CDT)

Forwarded from: Dave Wreski <dave@guardiandigital.com>

Flying Pigs: Snorting Next Generation Secure Remote Log Servers over
TCP By Eric "Loki" Hines for LinuxSecurity.com

A Comprehensive Guide to Building Encrypted, Secure Remote Syslog-ng
Servers with the Snort Intrusion Detection System

The precursor to this article, Creating Secure Remote Log Servers, was
the first in a series of papers focused on walking readers through
configuring and deploying secure remote log servers. This second paper
in the series offers a much more robust alternative to first
generation SYSLOG servers; providing a much more reliable remote
logging facility that is effective for use within Honeynets
(http://project.honeynet.org) and Intrusion Detection System
deployments. Remote log servers can provide centralized logging
capability for IDS' spread across large network environments. I have
proposed this approach for centralized logging in large IDS
deployments on government networks that typically consist of multiple
CLASS A networks.

http://www.linuxsecurity.com/feature_stories/snortlog-part1.html

-- 
Dave Wreski
Corporate Manager                           Guardian Digital, Inc.
(201) 934-9230                Pioneering.  Open Source.  Security.
dave@guardiandigital.com            http://www.guardiandigital.com



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@attrition.org with 'unsubscribe isn'
in the BODY of the mail.