ello,
what do you think about a new option in syslog-ng? I though "remote logging" could be very usefull. If someone hacks one system the first thing he will do is to clean the logs. Its very easy to clean the logs because they are in plain ascii format.
This option is supported even in standard syslogds, and of course this is a planned feature of syslog-ng. Though sending is not ready yet, receiving from network socket is (at least seem to be) working.
If you could improve syslog-ng so that it can log remotly, intruders cannot clean the logs and its very easy to exemine the logs and trace him.
I plan not only to use remote logging, but also storing digital fingerprints of messages, so _any_ modification can be detected. Maybe I'll even add encrypted log files.
Ì got these mail back, cuz of spam. Please configure your mailing-list better
Your host seems to be in one of the anti-spam databases, which is installed on vekoll, where this list is running. I can tell you which sites we mirror those lists, so that you can notify your sysadmin. -- Bazsi PGP key: http://www.balabit.hu/pgpkey.txt, or finger bazsi@balabit.hu