Re: Logauswertung (translation)
I would additionally like to send the logs over Syslog-ng to a log server. I stronly recommend not to do this. We had a ccc (chaos computer club) meeting while someone brought the logfile from his mailserver to meetings. By seeing the logfile without error messages it was quite easy to have a look at the employees and and their key qualification. By seeing logfiles unencrypted it's possible to have a look what's running on your server so I strongly recommend not to do this. Use logcheck local on your server and login over ssh which is quite secure. (There was just one vulnerability in the past years). I use a simple perl script fwlog to check the logfiles. I agree with you on the logtransfer issue, but disagree with you on the "don't-use-a-central-logserver" ;) At this moment we are using a logserver in-house, so that's not encrypted, and we are using it on some places where we send the logs outbound. There are several ways to do this, and I'm using a OpenVPN-tunnel to send it. But I'm sure it is possible to send the logs encrypted someway (stunnel maybe?) if you are not able to use a VPN-tunnel. With regards Ronald -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
FW: Decent iptables script for bridging?
http://www.securityview.org/building-a-snortenabled-linuxgateway.html is for a complete bridging router with snort as an IDS, just extend the iptables rules and you're done ;)RonaldOn 23 May, 2006, at 15:44, Christian Holler wrote:-BEGIN PGP SIGNED MESSAGE-Hash: SHA1Hello,I'm currently setting up a bridge on Debian, which is meant to act asan invisible filter in our network which is otherwise directly exposedto the internet (every host directly reachable from the internet, noNAT or anything like that).I found a good Debian howto that describes this setup, but I waswondering if there is an iptables firewall script which is meant forthat kind of setup. All iptables scripts I know are for NAT or HomeFirewalling (including dialup etc).Thanks in advance for useful hints.Chris-BEGIN PGP SIGNATURE-Version: GnuPG v1.4.3 (GNU/Linux)Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.orgiD8DBQFEcxF9JQIKXnJyDxURAihkAJkBeBTQq667ke3ySiYeZ11hQcHVBwCfaUmeqcSRC0rZDnXccoikcV2fTKo==2hQe-END PGP SIGNATURE--- To UNSUBSCRIBE, email to [EMAIL PROTECTED]with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]