Re: Syslog over SSH

From: Jose Nazario (jose@biocserver.BIOC.cwru.edu)
Date: 11/29/01


Date: Thu, 29 Nov 2001 17:06:38 -0500 (EST)
From: Jose Nazario <jose@biocserver.BIOC.cwru.edu>
To: Rafael Vidal Aroca <rafael@3wt.com.br>
Subject: Re: Syslog over SSH
Message-ID: <Pine.LNX.4.30.0111291705390.25031-100000@biocserver.BIOC.CWRU.Edu>

On Thu, 29 Nov 2001, Rafael Vidal Aroca wrote:

> What I do to do secure logging on remote machines is pipe
> UDP/514 (syslog) to TCP using netcat then pass it to another machine
> over a SSH tunnel, and put it to localhost.

why not cryptcat or aesnetcat?

http://farm9.com/content/Free_Tools/Cryptcat
http://www.ussrback.com/UNIX/utilities/aes-netcat.tgz

saves a step.

____________________________
jose nazario jose@cwru.edu
                           PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)



Relevant Pages

  • Re: Port redirection problems?
    ... Does netcat can do the ... > that suggests it will translate UDP to TCP and the reverse. ... Secure Shell by redirecting the syslog traffic to TCP tunnel, ...
    (comp.os.linux.networking)
  • ssh v4.2p1 IPv6 TCP checksum error
    ... repeatedly encounter TCP checksum errors. ... on to the ssh problem... ... Internet Protocol Version 6 ... Transmission Control Protocol, Src Port: 41335, Dst Port: ssh ...
    (SSH)
  • Re: ipfw and nmap
    ... > even be correct but I have a bsd box that is simply providing me SSH ... add allow tcp from any to me 22 setup in via fxp0 keep-state ... Note too that there is nothing to prevent port scanners simply setting ... the 'SYN' flag in the probe packets they send to your server. ...
    (freebsd-questions)
  • pf.conf
    ... Use "block return" so that a TCP RST is sent ... to $Angels port ssh ... # Pass TCP, UDP, and ICMP out on the external interface. ... pass out on $Demons proto all modulate state ...
    (comp.unix.bsd.openbsd.misc)
  • Re: Debugging ipv6
    ... However, when I attempt to ssh into it, it baulks: ... ssh: connect to host vanderhoff.org port 22: Connection refused ... My firewall should let ssh6 packets through: ... 2421 301K ACCEPT tcp any any anywhere ...
    (Debian-User)