Good morning Roman, "RoMaN SoFt / LLFB!!" wrote:
On Thu, 01 Mar 2001 13:09:13 +0100, you wrote:
Hi List,
does anybody know a secure dropin Replacement for the standard syslogd, which supports libwrap-style ACL's ?
Ummm there are several ones (try at securityportal.com: there's at least an article about that), I don't know if they support libwrapp. I'd recommend using the standard syslogd with some acl's in your router since other replacements aren't standard and you won't be able to, for instance, receive logs from other boxes (routers, switches, load-balancers, etc).
Hmm, I know the page on securityportal.com, the daemons there are quite interesting as they implement such things as syslog over tcp or even over ssl. But thats a little bit oversized for my needs.
Standard syslog goes over UDP and not encrypted. It's easy to defeat if you don't set the aproppiate fw rules (router acl's, eg). I had a look at some alternatives some time ago but none of them convince me. Many of them were not mature enough and I decided to leave the original syslogd.
There's an alternate rpcbind daemon from Vietse Venema which implements such libwrap based ACL's for RPC, which makes sense in my opinion, but I haven't found an adequate, simple dropin syslogd :-( Maybe anybody in this list does have knowledge about such a beast ;-)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ** RoMaN SoFt / LLFB ** roman@madrid.com http://pagina.de/romansoft ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com