Either use Syslog-NG Premium Edition with SSL transport or setup OpenVPN (or any other VPN) for the transport. It is a very bad idea to let anyone write logs to your system from the Internet. At the absolute minimum, use a firewall or iptables to only allow known-hosts to send logs. That's still poor protection if you're allowing UDP, as UDP can be spoofed. On Sat, Jul 9, 2011 at 4:44 AM, Kārlis Repsons <repsons@gmail.com> wrote:
All,
I've been sorting system information with syslog-ng just fine, but it happened in a LAN environment. Now I plan starting off with a public IPv6 address and that raises some concerns. What would you advice to check to be sure? How should remote logging be set up so that some mutual (or at least client) cryptographic authentication happens? Thanks... ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq