Hi,

Hari Sekhon <hpsekhon@googlemail.com> [20060922 16:34:40 +0100]:
If you want to discuss DoS, come up with a way to deal with that.
[snipped]
Perhaps instead of the connection being authenticated, the packets themselves could be signed, although I'm no cryptography expert to know how secure that would be against forgery.
Would it be more secure to use a tcp SSL tunnel using or something and then set up tunnels for the syslog machines? Although highly secure in that only specific machines could go through to the server and loop back in to the syslog server, you'd be left with those servers being the only points of failure regarding malicious users or compromised accounts, other than the syslog-ng server itself.
erm.....IPSec or use IPv6 where the encryption/authentication is built in. You could slap the same certificate on all the machines or be *very* lazy and use a shared secret passphrase. Either way the kernel would drop the packet as it's not encrypted correctly and of course it's multi-platform.
I feel that it would be a huge and difficult task to add serious security to syslog-ng beyond this.
just my 3 cents...
IPSec could give you change for that ;)

Cheers
Alex