Re: [fw-wiz] websiite log transfers from exposed to internal nets:

From: Paul Robertson (
Date: 06/22/03

  • Next message: Paul Robertson: "Re: [fw-wiz] Security policy & setup for portable computers"
    To: "R. DuFresne" <>
    Date: Sun, 22 Jun 2003 09:41:10 -0400 (EDT)

    On Thu, 19 Jun 2003, R. DuFresne wrote:

    > Folks,
    > I have a number of windoows/NT based systems that are in an exposed DMZ
    > that need to transfer rotated logs to an internal unix system forlog
    > analysis. My recommendation is to have the internal unix system pull
    > those logs from the exposed subnet via rsync/sshd <would require cgywin
    > besides licesngin of sshd for a windows platform>. Of course, the
    > windows folks are ballking at this due to haivng to to setup the
    > applications/deamons and all that, let alone licesning sshd for their
    > platform. I see the pull coming from the inside as being the best way to
    > control the transaction in a secure manner rather then punching a hole for
    > their systems to push <via plain old ftp> to the inside. But, perhaps I'm
    > seeing things in a tunnel. Is my view lopsided or skewd and dooes anyone
    > know of a way to accomplish this chore with something more standard then
    > sshd/rsync between these two platforms?

    I don't know about more standard, but if all you're looking for is an
    encrypted tunnel, SSLtunnel would probably be about as good as using SSH,
    and not require additional licensing.

    The alternative would be to have the *doze boxes log to a *nix server in
    the DMZ, then do rsynch/ssh from in to that box- depending on the
    operational structure, that could be more advantageous.

    Paul D. Robertson "My statements in this message are personal opinions which may have no basis whatsoever in fact." Director of Risk Assessment TruSecure Corporation

    firewall-wizards mailing list

  • Next message: Paul Robertson: "Re: [fw-wiz] Security policy & setup for portable computers"