RE: Insecure Syslog messages

From: Tim (ccie2be@nyc.rr.com)
Date: Sat Dec 03 2005 - 14:40:03 GMT-3

• Next message: Daniel O'Sheedy: "Re: Question about "extendable" option when configuring static"
• Previous message: Chris Lewis: "Re: Question about NAT"
• Maybe in reply to: Tim: "Insecure Syslog messages"
• Next in thread: Ryan Lindfield: "Re: Insecure Syslog messages"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hey Ryan,

Thanks for your reply.

Why transport mode?

TIA, Tim

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Ryan
Lindfield
Sent: Saturday, December 03, 2005 10:44 AM
To: Tim; 'Security@Groupstudy. com (E-mail)'; ccielab@groupstudy.com
Subject: Re: Insecure Syslog messages

Use IPSec in Transport mode between the syslog server and the monitored
device :).

----- Original Message -----
From: "Tim" <ccie2be@nyc.rr.com>
To: "'Security@Groupstudy. com (E-mail)'" <security@groupstudy.com>;
<ccielab@groupstudy.com>
Sent: Saturday, December 03, 2005 8:40 AM
Subject: Insecure Syslog messages

> Hi guys,
>
>
>
> Since Syslog messages are sent in clear text, if someone can sniff them,
> that person can learn a great deal about the network.
>
>
>
> Aside from having a switched network, are there other standard ways to
> prevent Syslog messages from being sniffed?
>
>
>
> What are considered Industry Best Practices when it comes to Syslog
> sending
> messages over the network?
>
>
>
> TIA, Tim

• Next message: Daniel O'Sheedy: "Re: Question about "extendable" option when configuring static"
• Previous message: Chris Lewis: "Re: Question about NAT"
• Maybe in reply to: Tim: "Insecure Syslog messages"
• Next in thread: Ryan Lindfield: "Re: Insecure Syslog messages"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jan 09 2006 - 07:07:50 GMT-3