From: Richard Dumoulin (Richard.Dumoulin@vanco.fr)
Date: Sun Dec 04 2005 - 13:16:36 GMT-3
There is an IETF group currently working at securing Syslog.
http://www.ietf.org/html.charters/syslog-charter.html
<http://www.ietf.org/html.charters/syslog-charter.html>
You can read their recommendation
-- Richard
-----Message d'origine-----
De : Tim [mailto:ccie2be@nyc.rr.com]
Envoyi : samedi 3 dicembre 2005 16:24
@ : 'Richard Dumoulin'; 'Security@Groupstudy. com (E-mail)';
ccielab@groupstudy.com
Objet : RE: Insecure Syslog messages
Hey Richard, et al
Thanks for the quick reply.
I knew that IPsec could be used but figured there must be an easier way.
IPsec seems so cumbersome for this task. I guess there's no such thing as
Secure Syslog (like Secure Shell for Telnet or HTTPS for secure web
traffic).
OK, I guess I'll just have to stick with IPsec for now.
Thanks, Tim
_____
From: Richard Dumoulin [mailto:Richard.Dumoulin@vanco.fr]
Sent: Saturday, December 03, 2005 9:33 AM
To: 'Tim'; 'Security@Groupstudy. com (E-mail)'; ccielab@groupstudy.com
Subject: RE : Insecure Syslog messages
When possible use an ipsec tunnel or via a private secure management network
-- Richard
-----Message d'origine-----
De : nobody@groupstudy.com [mailto:nobody@groupstudy.com
<mailto:nobody@groupstudy.com> ] De la part de Tim
Envoyi : samedi 3 dicembre 2005 14:41
@ : 'Security@Groupstudy. com (E-mail)'; ccielab@groupstudy.com
Objet : Insecure Syslog messages
Hi guys,
Since Syslog messages are sent in clear text, if someone can sniff them,
that person can learn a great deal about the network.
Aside from having a switched network, are there other standard ways to
prevent Syslog messages from being sniffed?
What are considered Industry Best Practices when it comes to Syslog sending
messages over the network?
TIA, Tim
This archive was generated by hypermail 2.1.4 : Mon Jan 09 2006 - 07:07:50 GMT-3