SV: Insecure Syslog messages

From: Big guy (jenseike@start.no)
Date: Sat Dec 03 2005 - 18:20:38 GMT-3

• Next message: Richard Dumoulin: "RE : Insecure Syslog messages"
• Previous message: Anderson Nery Vilas Boas: "SV: Re: Multicast issue."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

we are using L2L ipsec tunnels for our syslog messages... we have then
defined syslog udp 514 as interesting
traffic for the vpn

jens p

-----Opprinnelig melding-----
Fra: nobody@groupstudy.com [mailto:nobody@groupstudy.com]Pa vegne av Tim
Sendt: 3. desember 2005 07:41
Til: 'Security@Groupstudy. com (E-mail)'; ccielab@groupstudy.com
Emne: Insecure Syslog messages

Hi guys,

Since Syslog messages are sent in clear text, if someone can sniff them,
that person can learn a great deal about the network.

Aside from having a switched network, are there other standard ways to
prevent Syslog messages from being sniffed?

What are considered Industry Best Practices when it comes to Syslog sending
messages over the network?

TIA, Tim

• Next message: Richard Dumoulin: "RE : Insecure Syslog messages"
• Previous message: Anderson Nery Vilas Boas: "SV: Re: Multicast issue."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jan 09 2006 - 07:07:50 GMT-3