Re: [fw-wiz] SCADA

Brian Loe wrote:
We have a data logger system
that needs to be able to talk to both networks, it's in a DMZ with TWO
firewalls between the corporate network and the control network.

BTW - I know your data logging application is not syslog, but - in
case the problem ever comes up for someone on this list, I've published
the source for "plog" on my website. It's in my code archives on:
"Plog is a promiscuous syslog listener. It sucks UDP syslog packets up off a network, rips the message screaming and kicking out of the packet body, and stuffs it into /dev/log. This program supports a bare minimum of options. Be very careful you do not use plog to inject messages into a syslog server that forwards the messages to a loghost over a network! It will hurt! (the good news is you'll get lots of log messages..)"

Oddly, plog works faster than regular UDP syslog on some systems,
because the bpf implementations are sometimes faster than the UDP

Marcus J. Ranum CSO, Tenable Network Security, Inc.
