Date: Fri, 27 Jan 2006 16:25:53 +0300 From: Andrew Pantyukhin <infofarmer@gmail.com> To: Erik Norgaard <norgaard@locolomo.org> Cc: FreeBSD questions <freebsd-questions@freebsd.org> Subject: Re: Encrypted syslog over network Message-ID: <cb5206420601270525tc23fbacs542672b92f85f0a8@mail.gmail.com> In-Reply-To: <43DA1EBE.7060000@locolomo.org> References: <43D9E707.2050809@locolomo.org> <cb5206420601270507y3bfa38f4q5ca3214772d81048@mail.gmail.com> <43DA1EBE.7060000@locolomo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 1/27/06, Erik Norgaard <norgaard@locolomo.org> wrote: > Andrew Pantyukhin wrote: > > On 1/27/06, Erik Norgaard <norgaard@locolomo.org> wrote: > >> Hi: > >> > >> I was thinking, is there any way of secure syslogging to a different > >> server? > >> > >> AFAIK syslog uses udp/514 and I would like to monitor a number of remo= te > >> hosts. > >> > >> Now, for privacy and security reasons, I would like that the syslog > >> messages are sent encrypted. This may require pre-shared keys as the u= dp > >> protocol does not include a handshake and key exchange. > >> > >> Any solution for this? syslog-ng doesn't seem to include such feature. > >> > > It's 2006. IPSec is the answer. > > Yeah, I considered that, but then you have the problem with NAT, > something lighter would be neat. > > Cheers, Erik > Well, I would say "It's 2006. IPv6 is the answer", but you'll probably find another reason not to do it :-) Ssh port forwarding is the second solution on my list.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cb5206420601270525tc23fbacs542672b92f85f0a8>