> >Interesting idea. When you say that you used the cmd mode, did >you >somehow encode the syslog data itself within an SPA packet so that >it >was encrypted en-route? Or was the SPA packet sent in order to >open >up a syslog listener through an otherwise default drop packet >filter, >and then the syslog data followed? It was the former: I was sending syslog messages to a FIFO pipe and then trying to grab lines from that into something like the -- Server-cmd parameter. Sending messages in --Server-cmd resulted in them logged at the other end, even though they weren't legitimate commands.
-- mart ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ Fwknop-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
