|
Navid,
Consider using the OSSEC agent for encrypted log data transfer from client to OSSEC server.
The only thing it requires is port UDP 1514 for date transfer from client ot OSSEC server.
KenW
From: [email protected] [[email protected]] On Behalf Of Navid Paya [[email protected]] Sent: Tuesday, August 25, 2009 12:54 AM To: [email protected] Subject: [ossec-list] Encrpyting syslog-ng logs Hi
I've setup my logging solution but there's one more step that needs to be taken. I'm using SuSE 10 which uses syslog-ng as its logging facility. The problem is syslog-ng uses raw tcp traffica which is not secure at all. Now I really need to encrypt the traffic. I've read about using stunnel to pipe an encrypted traffic from syslog clients to the server. I wanted to know if anyone has a experience in this matter, and if yes should I make any changes to the ossec configuration? And do you possibly know a better way? Just one thing, SuSE 10 is a must in this scenario 'cause its part of the firm's policy and there's absolutely nothing I can do to change it. Thank you all as always. This mailing list has been a great help to me. Navid |
- [ossec-list] Encrpyting syslog-ng logs Navid Paya
- [ossec-list] Re: Encrpyting syslog-ng logs Ken Wachtler
- [ossec-list] Re: Encrpyting syslog-ng logs Henry Blum
- [ossec-list] Re: Encrpyting syslog-ng logs BenW
