Hi Gerd, If it's behind a firewall, why not simply permit specific hosts, and deny everything else? Are there too many hosts/routers to make this a feasible suggestion? Alot of people will suggest a kerberized syslogd, or perhaps an encrypted syslogd but if you are able to filter then this is an acceptable solution unless you need encryption as well. Len On Tue, Aug 15, 2000 at 11:53:48AM +0200, Gerd Bitzer wrote:
Hi all,
a question to all of you regarding system logging.
I have a server with Suse 6.2 which should serve as a logging host. It's behind a firewall and is publically reachable, the logs are delivered from devices which are in the Internet. The standard syslogd seems to have security issues, according to http://www.securityportal.com/lasg/logging/index.html#General log security
There are some suggestions of alternative syslogd's on Kurt's site, but what are the experiences with the listed alternative syslogd's, which one can you recommend (under security and stability viewpoints of course ;-). Which one could be used as secure dropin replacement for the standard syslogd ?
TIA for your replies