Privacy Policy

Guest
  • Guest
  • Guest Topic Starter
2003-03-03T18:16:34Z
Date parsed: 3/3/2003 6:16:34 PM
Date: Mon, 03 Mar 2003 18:16:34 +0100

Has anyone tried running SL4NT over SSL. I would like to have my syslog
traffic encrypted. Is there any inherent way to do this, or has anyone
tried another method?

Franz, will SL4NT ever have this feature or what would you recommend to
allow me to encrypt my syslog traffic?


Thanks in advance,

Aaron Sheard
Guest
  • Guest
  • Guest Topic Starter
2003-03-03T18:48:39Z
Date parsed: 3/3/2003 6:48:39 PM
Date: Mon, 3 Mar 2003 18:48:39 +0100

Aaron,

I would be possible to add SSL support to SL4NT but as far as I know there's
not a single syslog client (router, etc) that supports syslog over SSL/TCP.

The alternative would be to use IPSec: W2K (and later) supports IPSec
out-of-the-box and some vendors (e.g. Cisco) also support IPSec on their
router boxes. The advantage of using IPSec would be that no changes to
syslog client or server code is necessary because IPSec works at the network
layer and is therefore transparent for the application layer.

Franz


"Aaron Sheard" <aaron.sheard@axia.com> wrote in message
news:Xns9333695D2D1C3aaronsheardaxiacom@62.178.224.240...
> Has anyone tried running SL4NT over SSL. I would like to have my syslog
> traffic encrypted. Is there any inherent way to do this, or has anyone
> tried another method?
>
> Franz, will SL4NT ever have this feature or what would you recommend to
> allow me to encrypt my syslog traffic?
>
>
> Thanks in advance,
>
> Aaron Sheard


Guest
  • Guest
  • Guest Topic Starter
2003-03-11T05:45:50Z
Date parsed: 3/11/2003 5:45:50 AM
Date: Tue, 11 Mar 2003 05:45:50 +0100

"Franz Krainer" <franzk@netal.com> wrote in
news:Bpm0f0a4CHA.4220@is1.netal.com:

> Aaron,
>
> I would be possible to add SSL support to SL4NT but as far as I know
> there's not a single syslog client (router, etc) that supports syslog
> over SSL/TCP.
>
> The alternative would be to use IPSec: W2K (and later) supports IPSec
> out-of-the-box and some vendors (e.g. Cisco) also support IPSec on
> their router boxes. The advantage of using IPSec would be that no
> changes to syslog client or server code is necessary because IPSec
I think i still want to persue trying to run syslog over ssl. (unix
clients as well so IPSec may not be as easy)

i noticed in 3.1 SL4NT there is an option to select both the port and
protocol for the listener, but only the port number and default UDP for
forwarding.

It is my understanding that stunnel only supports TCP, so is there a way
for my SL4NT collectors to listen on TCP 514 and forward on TCP 514 to
the master?

Thanks in advance,

Aaron

> works at the network layer and is therefore transparent for the
> application layer.
>
> Franz
>
>
> "Aaron Sheard" <aaron.sheard@axia.com> wrote in message
> news:Xns9333695D2D1C3aaronsheardaxiacom@62.178.224.240...
>> Has anyone tried running SL4NT over SSL. I would like to have my
>> syslog traffic encrypted. Is there any inherent way to do this, or
>> has anyone tried another method?
>>
>> Franz, will SL4NT ever have this feature or what would you recommend
>> to allow me to encrypt my syslog traffic?
>>
>>
>> Thanks in advance,
>>
>> Aaron Sheard
>
>
>

Guest
  • Guest
  • Guest Topic Starter
2003-03-11T11:36:28Z
Date parsed: 3/11/2003 11:36:28 AM
Date: Tue, 11 Mar 2003 11:36:28 +0100

Aaron,

> I think i still want to persue trying to run syslog over ssl. (unix
> clients as well so IPSec may not be as easy)
>
> i noticed in 3.1 SL4NT there is an option to select both the port and
> protocol for the listener, but only the port number and default UDP for
> forwarding.

SL4NT 3.1 supports only UDP when forwarding messages to other syslog
daemons.

> It is my understanding that stunnel only supports TCP, so is there a way
> for my SL4NT collectors to listen on TCP 514 and forward on TCP 514 to
> the master?

Stunnel supports only TCP and can therefore not be used for encrypting
messages forwarded over UDP.

Franz


"Aaron Sheard" <zilogz@hotmail.com> wrote in message
news:Xns933ADD7D4507Daaronsheardaxiacom@62.178.224.240...
> "Franz Krainer" <franzk@netal.com> wrote in
> news:Bpm0f0a4CHA.4220@is1.netal.com:
>
> > Aaron,
> >
> > I would be possible to add SSL support to SL4NT but as far as I know
> > there's not a single syslog client (router, etc) that supports syslog
> > over SSL/TCP.
> >
> > The alternative would be to use IPSec: W2K (and later) supports IPSec
> > out-of-the-box and some vendors (e.g. Cisco) also support IPSec on
> > their router boxes. The advantage of using IPSec would be that no
> > changes to syslog client or server code is necessary because IPSec
> I think i still want to persue trying to run syslog over ssl. (unix
> clients as well so IPSec may not be as easy)
>
> i noticed in 3.1 SL4NT there is an option to select both the port and
> protocol for the listener, but only the port number and default UDP for
> forwarding.
>
> It is my understanding that stunnel only supports TCP, so is there a way
> for my SL4NT collectors to listen on TCP 514 and forward on TCP 514 to
> the master?
>
> Thanks in advance,
>
> Aaron
>
> > works at the network layer and is therefore transparent for the
> > application layer.
> >
> > Franz
> >
> >
> > "Aaron Sheard" <aaron.sheard@axia.com> wrote in message
> > news:Xns9333695D2D1C3aaronsheardaxiacom@62.178.224.240...
> >> Has anyone tried running SL4NT over SSL. I would like to have my
> >> syslog traffic encrypted. Is there any inherent way to do this, or
> >> has anyone tried another method?
> >>
> >> Franz, will SL4NT ever have this feature or what would you recommend
> >> to allow me to encrypt my syslog traffic?
> >>
> >>
> >> Thanks in advance,
> >>
> >> Aaron Sheard
> >
> >
> >
>


Guest
  • Guest
  • Guest Topic Starter
2003-03-12T17:51:46Z
Date parsed: 3/12/2003 5:51:46 PM
Date: Wed, 12 Mar 2003 17:51:46 +0100




> Aaron,
>
>> I think i still want to persue trying to run syslog over ssl. (unix
>> clients as well so IPSec may not be as easy)
>>
>> i noticed in 3.1 SL4NT there is an option to select both the port and
>> protocol for the listener, but only the port number and default UDP
>> for forwarding.
>
> SL4NT 3.1 supports only UDP when forwarding messages to other syslog
> daemons.

Is there anything on the horizon for SL4NT to impliment some sort of
encryption? Would it take much to add TCP forwarding? This would allow
people to use things like stunnel and tcp wrappers.


>
>> It is my understanding that stunnel only supports TCP, so is there a
>> way for my SL4NT collectors to listen on TCP 514 and forward on TCP
>> 514 to the master?
>
> Stunnel supports only TCP and can therefore not be used for encrypting
> messages forwarded over UDP.

I'm sure I'm not the only one out there that wants to secure syslog.
What are Netal's plans for the near future to add any features like
this?


>
> Franz
>
>
> "Aaron Sheard" <zilogz@hotmail.com> wrote in message
> news:Xns933ADD7D4507Daaronsheardaxiacom@62.178.224.240...
>> "Franz Krainer" <franzk@netal.com> wrote in
>> news:Bpm0f0a4CHA.4220@is1.netal.com:
>>
>> > Aaron,
>> >
>> > I would be possible to add SSL support to SL4NT but as far as I
>> > know there's not a single syslog client (router, etc) that supports
>> > syslog over SSL/TCP.
>> >
>> > The alternative would be to use IPSec: W2K (and later) supports
>> > IPSec out-of-the-box and some vendors (e.g. Cisco) also support
>> > IPSec on their router boxes. The advantage of using IPSec would be
>> > that no changes to syslog client or server code is necessary
>> > because IPSec
>> I think i still want to persue trying to run syslog over ssl. (unix
>> clients as well so IPSec may not be as easy)
>>
>> i noticed in 3.1 SL4NT there is an option to select both the port and
>> protocol for the listener, but only the port number and default UDP
>> for forwarding.
>>
>> It is my understanding that stunnel only supports TCP, so is there a
>> way for my SL4NT collectors to listen on TCP 514 and forward on TCP
>> 514 to the master?
>>
>> Thanks in advance,
>>
>> Aaron
>>
>> > works at the network layer and is therefore transparent for the
>> > application layer.
>> >
>> > Franz
>> >
>> >
>> > "Aaron Sheard" <aaron.sheard@axia.com> wrote in message
>> > news:Xns9333695D2D1C3aaronsheardaxiacom@62.178.224.240...
>> >> Has anyone tried running SL4NT over SSL. I would like to have my
>> >> syslog traffic encrypted. Is there any inherent way to do this, or
>> >> has anyone tried another method?
>> >>
>> >> Franz, will SL4NT ever have this feature or what would you
>> >> recommend to allow me to encrypt my syslog traffic?
>> >>
>> >>
>> >> Thanks in advance,
>> >>
>> >> Aaron Sheard
>> >
>> >
>> >
>>
>
>
>

Guest
  • Guest
  • Guest Topic Starter
2003-03-12T19:10:03Z
Date parsed: 3/12/2003 7:10:03 PM
Date: Wed, 12 Mar 2003 19:10:03 +0100

> Is there anything on the horizon for SL4NT to impliment some sort of
> encryption? Would it take much to add TCP forwarding? This would allow
> people to use things like stunnel and tcp wrappers.

"TCP forwarding" is on the feature list for the next version.

Franz

"Aaron Sheard" <zilogz@hotmail.com> wrote in message
news:Xns9337652F5FD98aaronsheardaxiacom@62.178.224.240...
>
>
>
> > Aaron,
> >
> >> I think i still want to persue trying to run syslog over ssl. (unix
> >> clients as well so IPSec may not be as easy)
> >>
> >> i noticed in 3.1 SL4NT there is an option to select both the port and
> >> protocol for the listener, but only the port number and default UDP
> >> for forwarding.
> >
> > SL4NT 3.1 supports only UDP when forwarding messages to other syslog
> > daemons.
>
> Is there anything on the horizon for SL4NT to impliment some sort of
> encryption? Would it take much to add TCP forwarding? This would allow
> people to use things like stunnel and tcp wrappers.
>
>
> >
> >> It is my understanding that stunnel only supports TCP, so is there a
> >> way for my SL4NT collectors to listen on TCP 514 and forward on TCP
> >> 514 to the master?
> >
> > Stunnel supports only TCP and can therefore not be used for encrypting
> > messages forwarded over UDP.
>
> I'm sure I'm not the only one out there that wants to secure syslog.
> What are Netal's plans for the near future to add any features like
> this?
>
>
> >
> > Franz
> >
> >
> > "Aaron Sheard" <zilogz@hotmail.com> wrote in message
> > news:Xns933ADD7D4507Daaronsheardaxiacom@62.178.224.240...
> >> "Franz Krainer" <franzk@netal.com> wrote in
> >> news:Bpm0f0a4CHA.4220@is1.netal.com:
> >>
> >> > Aaron,
> >> >
> >> > I would be possible to add SSL support to SL4NT but as far as I
> >> > know there's not a single syslog client (router, etc) that supports
> >> > syslog over SSL/TCP.
> >> >
> >> > The alternative would be to use IPSec: W2K (and later) supports
> >> > IPSec out-of-the-box and some vendors (e.g. Cisco) also support
> >> > IPSec on their router boxes. The advantage of using IPSec would be
> >> > that no changes to syslog client or server code is necessary
> >> > because IPSec
> >> I think i still want to persue trying to run syslog over ssl. (unix
> >> clients as well so IPSec may not be as easy)
> >>
> >> i noticed in 3.1 SL4NT there is an option to select both the port and
> >> protocol for the listener, but only the port number and default UDP
> >> for forwarding.
> >>
> >> It is my understanding that stunnel only supports TCP, so is there a
> >> way for my SL4NT collectors to listen on TCP 514 and forward on TCP
> >> 514 to the master?
> >>
> >> Thanks in advance,
> >>
> >> Aaron
> >>
> >> > works at the network layer and is therefore transparent for the
> >> > application layer.
> >> >
> >> > Franz
> >> >
> >> >
> >> > "Aaron Sheard" <aaron.sheard@axia.com> wrote in message
> >> > news:Xns9333695D2D1C3aaronsheardaxiacom@62.178.224.240...
> >> >> Has anyone tried running SL4NT over SSL. I would like to have my
> >> >> syslog traffic encrypted. Is there any inherent way to do this, or
> >> >> has anyone tried another method?
> >> >>
> >> >> Franz, will SL4NT ever have this feature or what would you
> >> >> recommend to allow me to encrypt my syslog traffic?
> >> >>
> >> >>
> >> >> Thanks in advance,
> >> >>
> >> >> Aaron Sheard
> >> >
> >> >
> >> >
> >>
> >
> >
> >
>


Guest
  • Guest
  • Guest Topic Starter
2003-03-12T19:51:55Z
Date parsed: 3/12/2003 7:51:55 PM
Date: Wed, 12 Mar 2003 19:51:55 +0100

Thanks Franz. I anxiously await the next version. ;)

in the mean time, Great product!

"Franz Krainer" <franzk@netal.com> wrote in
news:VhKYaKM6CHA.1796@is1.netal.com:

>> Is there anything on the horizon for SL4NT to impliment some sort of
>> encryption? Would it take much to add TCP forwarding? This would
>> allow people to use things like stunnel and tcp wrappers.
>
> "TCP forwarding" is on the feature list for the next version.
>
> Franz
>
> "Aaron Sheard" <zilogz@hotmail.com> wrote in message
> news:Xns9337652F5FD98aaronsheardaxiacom@62.178.224.240...
>>
>>
>>
>> > Aaron,
>> >
>> >> I think i still want to persue trying to run syslog over ssl.
>> >> (unix clients as well so IPSec may not be as easy)
>> >>
>> >> i noticed in 3.1 SL4NT there is an option to select both the port
>> >> and protocol for the listener, but only the port number and
>> >> default UDP for forwarding.
>> >
>> > SL4NT 3.1 supports only UDP when forwarding messages to other
>> > syslog daemons.
>>
>> Is there anything on the horizon for SL4NT to impliment some sort of
>> encryption? Would it take much to add TCP forwarding? This would
>> allow people to use things like stunnel and tcp wrappers.
>>
>>
>> >
>> >> It is my understanding that stunnel only supports TCP, so is there
>> >> a way for my SL4NT collectors to listen on TCP 514 and forward on
>> >> TCP 514 to the master?
>> >
>> > Stunnel supports only TCP and can therefore not be used for
>> > encrypting messages forwarded over UDP.
>>
>> I'm sure I'm not the only one out there that wants to secure syslog.
>> What are Netal's plans for the near future to add any features like
>> this?
>>
>>
>> >
>> > Franz
>> >
>> >
>> > "Aaron Sheard" <zilogz@hotmail.com> wrote in message
>> > news:Xns933ADD7D4507Daaronsheardaxiacom@62.178.224.240...
>> >> "Franz Krainer" <franzk@netal.com> wrote in
>> >> news:Bpm0f0a4CHA.4220@is1.netal.com:
>> >>
>> >> > Aaron,
>> >> >
>> >> > I would be possible to add SSL support to SL4NT but as far as I
>> >> > know there's not a single syslog client (router, etc) that
>> >> > supports syslog over SSL/TCP.
>> >> >
>> >> > The alternative would be to use IPSec: W2K (and later) supports
>> >> > IPSec out-of-the-box and some vendors (e.g. Cisco) also support
>> >> > IPSec on their router boxes. The advantage of using IPSec would
>> >> > be that no changes to syslog client or server code is necessary
>> >> > because IPSec
>> >> I think i still want to persue trying to run syslog over ssl.
>> >> (unix clients as well so IPSec may not be as easy)
>> >>
>> >> i noticed in 3.1 SL4NT there is an option to select both the port
>> >> and protocol for the listener, but only the port number and
>> >> default UDP for forwarding.
>> >>
>> >> It is my understanding that stunnel only supports TCP, so is there
>> >> a way for my SL4NT collectors to listen on TCP 514 and forward on
>> >> TCP 514 to the master?
>> >>
>> >> Thanks in advance,
>> >>
>> >> Aaron
>> >>
>> >> > works at the network layer and is therefore transparent for the
>> >> > application layer.
>> >> >
>> >> > Franz
>> >> >
>> >> >
>> >> > "Aaron Sheard" <aaron.sheard@axia.com> wrote in message
>> >> > news:Xns9333695D2D1C3aaronsheardaxiacom@62.178.224.240...
>> >> >> Has anyone tried running SL4NT over SSL. I would like to have
>> >> >> my syslog traffic encrypted. Is there any inherent way to do
>> >> >> this, or has anyone tried another method?
>> >> >>
>> >> >> Franz, will SL4NT ever have this feature or what would you
>> >> >> recommend to allow me to encrypt my syslog traffic?
>> >> >>
>> >> >>
>> >> >> Thanks in advance,
>> >> >>
>> >> >> Aaron Sheard
>> >> >
>> >> >
>> >> >
>> >>
>> >
>> >
>> >
>>
>
>

Similar Topics