This paper analyzes the system event logging protocol, syslog, and reviews the problems with it. These security problems include the transmission of system log data in cleartext, the use of UDP for network transfer, and the storage of event data in cleartext. Some of the syslog replacements are surveyed. The paper concludes with a discussion of how one might go about creating a reasonably secure logging infrastructure.