[TOOL] The Logging Project
From: support@securiteam.com Date: 07/24/02
From: support@securiteam.com To: list@securiteam.com Date: Wed, 24 Jul 2002 09:00:45 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
The Logging Project
------------------------------------------------------------------------
DETAILS
The Logging Project <http://condor.gmu.edu/~jason/logging/> was born out
of a need for secure, centralized, fault tolerant, real time logging. The
task of monitoring several hosts can be tedious and frustrating when logs
are not stored centrally. Syslog replacements do not suffice, because
system logs are only part of the package. Web servers, IDS and other
application specific logs are of equal interest to the administrator.
These replacements seem like overkill because they often reinvent the
wheel and complicate the issue of simply logging messages. TLP deals
solely with the problem of gathering logs in a central place securely. It
attempts to deliver messages at all costs and will withstand network
outages and host failures (within reason).
TLP is a modularized and much improved re-write of salt. Each separate
role salt performed was identified and implemented as a stand-alone
program. The collection of these tools provides a much more robust and
flexible architecture allowing for message selection, mutation, and
compression.
Supported Features:
* TLSv1 between client and server (OpenSSL)
* Monitor any text file in real time
* Centralized logging to regular files (demux)
* Centralized logging to syslog (syslate/stale/streamlog)
* Firewall friendly
* Message queuing when tunnel is offline (sptc)
* Limited queue growth (sptc)
* Fault tolerant flushing of queue when tunnel connection is resumed
(sptc)
* Client authentication of server certificate (sptc)
* Stateful monitoring of log files (stale)
* Handles log rotation/truncation/removal gracefully (stale)
* Tunnel data compression (bzip/gzip)
* Message mutation/selection (grep/perl/awk)
* Runs on several UNIXs
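
The stateful monitoring and the rotation/truncation/removal handling listed above for stale can be illustrated as follows. This is an added example, not TLP's own code; the checkpoint format (inode plus byte offset in a JSON file) and the function names are assumptions made for illustration.

```python
import json
import os


def load_state(state_path):
    """Return the saved {'inode', 'offset'} checkpoint, or an empty one."""
    try:
        with open(state_path) as fh:
            return json.load(fh)
    except (FileNotFoundError, ValueError):
        return {"inode": None, "offset": 0}


def save_state(state_path, state):
    """Write the checkpoint atomically so a crash cannot leave it half-written."""
    tmp = state_path + ".tmp"
    with open(tmp, "w") as fh:
        json.dump(state, fh)
    os.replace(tmp, state_path)


def read_new_lines(log_path, state):
    """Return (complete new lines, updated state) for one polling pass."""
    try:
        fh = open(log_path, "rb")
    except FileNotFoundError:
        # Removed: keep the checkpoint and wait for the file to reappear.
        return [], state
    with fh:
        st = os.fstat(fh.fileno())
        offset = state["offset"]
        if st.st_ino != state["inode"] or st.st_size < offset:
            # Rotated (new inode) or truncated (shorter than checkpoint):
            # the old offset is meaningless, so start from the beginning.
            offset = 0
        fh.seek(offset)
        data = fh.read()
    # Forward only newline-terminated records; a partial line stays unread.
    end = data.rfind(b"\n") + 1
    lines = data[:end].decode("utf-8", "replace").splitlines()
    return lines, {"inode": st.st_ino, "offset": offset + end}
```

A size comparison cannot detect a file that is truncated and then grows past the old offset between two polls, so a short polling interval keeps that window small.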
ADDITIONAL INFORMATION
The tool can be downloaded from:
<http://condor.gmu.edu/~jason/logging/>
The information has been provided by Jason Royes
<mailto:jason@condor.gmu.edu>.
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.