Encrypted syslog over network
Hi: I was thinking, is there any way of secure syslogging to a different server? AFAIK syslog uses udp/514 and I would like to monitor a number of remote hosts. Now, for privacy and security reasons, I would like that the syslog messages are sent encrypted. This may require pre-shared keys as the udp protocol does not include a handshake and key exchange. Any solution for this? syslog-ng doesn't seem to include such feature. Thanks, Erik -- Ph: +34.666334818 web: www.locolomo.org S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt Subject ID: 9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72 Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Encrypted syslog over network
On 1/27/06, Erik Norgaard [EMAIL PROTECTED] wrote: Hi: I was thinking, is there any way of secure syslogging to a different server? AFAIK syslog uses udp/514 and I would like to monitor a number of remote hosts. Now, for privacy and security reasons, I would like that the syslog messages are sent encrypted. This may require pre-shared keys as the udp protocol does not include a handshake and key exchange. Any solution for this? syslog-ng doesn't seem to include such feature. Thanks, Erik -- Ph: +34.666334818 web: www.locolomo.org S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt Subject ID: 9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72 Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] It's 2006. IPSec is the answer. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Encrypted syslog over network
Andrew Pantyukhin wrote: On 1/27/06, Erik Norgaard [EMAIL PROTECTED] wrote: Hi: I was thinking, is there any way of secure syslogging to a different server? AFAIK syslog uses udp/514 and I would like to monitor a number of remote hosts. Now, for privacy and security reasons, I would like that the syslog messages are sent encrypted. This may require pre-shared keys as the udp protocol does not include a handshake and key exchange. Any solution for this? syslog-ng doesn't seem to include such feature. It's 2006. IPSec is the answer. Yeah, I considered that, but then you have the problem with NAT, something lighter would be neat. Cheers, Erik ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Encrypted syslog over network
On 1/27/06, Erik Norgaard [EMAIL PROTECTED] wrote: Andrew Pantyukhin wrote: On 1/27/06, Erik Norgaard [EMAIL PROTECTED] wrote: Hi: I was thinking, is there any way of secure syslogging to a different server? AFAIK syslog uses udp/514 and I would like to monitor a number of remote hosts. Now, for privacy and security reasons, I would like that the syslog messages are sent encrypted. This may require pre-shared keys as the udp protocol does not include a handshake and key exchange. Any solution for this? syslog-ng doesn't seem to include such feature. It's 2006. IPSec is the answer. Yeah, I considered that, but then you have the problem with NAT, something lighter would be neat. Cheers, Erik Well, I would say It's 2006. IPv6 is the answer, but you'll probably find another reason not to do it :-) Ssh port forwarding is the second solution on my list. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]