[syslog-ng] Securing syslog-ng
Martin Holste
mcholste at gmail.com
Sat Jul 9 19:19:06 CEST 2011
Either use Syslog-NG Premium Edition with SSL transport or setup
OpenVPN (or any other VPN) for the transport. It is a very bad idea
to let anyone write logs to your system from the Internet. At the
absolute minimum, use a firewall or iptables to only allow known-hosts
to send logs. That's still poor protection if you're allowing UDP, as
UDP can be spoofed.
On Sat, Jul 9, 2011 at 4:44 AM, Kārlis Repsons <repsons at gmail.com> wrote:
> All,
>
> I've been sorting system information with syslog-ng just fine, but it
> happened in a LAN environment. Now I plan starting off with a public
> IPv6 address and that raises some concerns. What would you advice to
> check to be sure? How should remote logging be set up so that some
> mutual (or at least client) cryptographic authentication happens?
> Thanks...
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
More information about the syslog-ng
mailing list