[syslog-ng] Enable TLS encryption
Scheidler, Balázs
balazs.scheidler at balabit.com
Mon Jan 9 21:53:34 UTC 2017
I know about dtls, there's even an rfc on syslog over dtls, but never
actually used it, nor have I seen it in the wild.
On Jan 5, 2017 11:06 AM, "Szalai, Attila" <Attila.Szalai at morganstanley.com>
wrote:
> Hi, Sorry, to “reopen” an old thread, but theoretically syslog-ng would be
> able to use tls with udp connections.
>
>
>
> This is called DTLS and defined in rfc4347. And openssl also support it.
> (But that is right, that syslog-ng currently does no support it.)
>
>
>
> *From:* syslog-ng [mailto:syslog-ng-bounces at lists.balabit.hu] *On Behalf
> Of *Scheidler, Balázs
> *Sent:* Tuesday, November 22, 2016 8:22 PM
> *To:* Syslog-ng users' and developers' mailing list
> *Subject:* Re: [syslog-ng] Enable TLS encryption
>
>
>
> Your conclusion is correct. It cannot.
>
>
>
> On Nov 22, 2016 5:23 PM, "PÁSZTOR György" <pasztor at linux.gyakg.u-szeged.hu>
> wrote:
>
> Hi,
>
> "Scheidler, Balázs" <balazs.scheidler at balabit.com> írta 2016-11-22
> 17:38-kor:
> > Thats a completely different matter, OpenVPN has its own tcp-like
> substrate
> > running on top of UDP, and not TLS running on UDP.
>
> Ah. So, that is openvpn specific?
>
> I didn't dig into the code. I thought openssl has it's own layer to
> establish a "connection" even over udp.
>
> So the conclusion is that, syslog-ng can not run tls over udp?
>
> Cheers,
> Gyu
> ____________________________________________________________
> __________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?
> product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
> ------------------------------
>
> NOTICE: Morgan Stanley is not acting as a municipal advisor and the
> opinions or views contained herein are not intended to be, and do not
> constitute, advice within the meaning of Section 975 of the Dodd-Frank Wall
> Street Reform and Consumer Protection Act. If you have received this
> communication in error, please destroy all electronic and paper copies and
> notify the sender immediately. Mistransmission is not intended to waive
> confidentiality or privilege. Morgan Stanley reserves the right, to the
> extent permitted under applicable law, to monitor electronic
> communications. This message is subject to terms available at the following
> link: http://www.morganstanley.com/disclaimers If you cannot access
> these links, please notify us by reply message and we will send the
> contents to you. By communicating with Morgan Stanley you consent to the
> foregoing and to the voice recording of conversations with personnel of
> Morgan Stanley.
>
>
> ____________________________________________________________
> __________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?
> product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20170109/88e2cf93/attachment-0001.html>
More information about the syslog-ng
mailing list