Re: Syslog and Router

From: Srecko Jovancevic (xxx-x@amadeus.uni-bk.ac.yu)
Date: 07/29/02


From: "Srecko Jovancevic" <xxx-x@amadeus.uni-bk.ac.yu>
To: "Srecko Jovancevic" <xxx-x@amadeus.uni-bk.ac.yu>, <djsauer@swbell.net>, "'Jamie Furtner'" <jamie.furtner@ideaca.com>, "'many Lists..'" <many_lists@yahoo.com>, <security-basics@securityfocus.com>
Date: Mon, 29 Jul 2002 18:01:59 +0200

just to correct myself
use syslogd -r command to receive remote logs
and you can filter the incoming traffic with iptables or ipchains

----- Original Message -----
From: "Srecko Jovancevic" <xxx-x@amadeus.uni-bk.ac.yu>
To: <djsauer@swbell.net>; "'Jamie Furtner'" <jamie.furtner@ideaca.com>;
"'many Lists..'" <many_lists@yahoo.com>; <security-basics@securityfocus.com>
Sent: Monday, July 29, 2002 9:41 AM
Subject: Re: Syslog and Router

> use syslogd - command to receive remote logs
> and you can filter the incoming traffic with iptables or ipchains
>
> ----- Original Message -----
> From: "Don Sauer" <djsauer@swbell.net>
> To: "'Jamie Furtner'" <jamie.furtner@ideaca.com>; "'many Lists..'"
> <many_lists@yahoo.com>; <security-basics@securityfocus.com>
> Sent: Sunday, July 28, 2002 8:36 PM
> Subject: RE: Syslog and Router
>
>
> > Of course if it was a Linux box you could configure iptables to only
> > accept syslog traffic from that IP by adding a rule
> >
> > -----Original Message-----
> > From: Jamie Furtner [mailto:jamie.furtner@ideaca.com]
> > Sent: Friday, July 26, 2002 3:39 PM
> > To: 'many Lists..'; security-basics@securityfocus.com
> > Subject: RE: Syslog and Router
> >
> >
> > Use the "LOGGING <hostname or IP>" command to tell the router where the
> > logs are supposed to go. You may also want to use "logging facility
> > <local1-7>" so you can split your logs out to a separate router log
> > file.
> >
> > Setting up the syslog server to only accept logs from a particular IP is
> > server specific - the generic syslog daemons on Linux and Solaris don't
> > have that capability (i.e. they accept events from any IP). You would have
> > to replace the daemon with a third party syslog daemon such as syslog-ng
> > on *nix.
> >
> > Jamie
> >
> > -----Original Message-----
> > From: many Lists.. [mailto:many_lists@yahoo.com]
> > Sent: Friday, July 26, 2002 7:32 AM
> > To: security-basics@securityfocus.com
> > Subject: Syslog and Router
> >
> >
> > I read in a Cisco book that while applying access
> > lists in a router, we can also choose
> > whether to log any packet matching a particular access
> > rule or not. If we don't define whether to log it on
> > some syslog server then logs are displayed on console.
> > However, it's written in the book that we can get logs via
> > some syslog server remotely.
> > I need hints and tips on how do I set up a syslog
> > server to accept logs input from
> > router's IP only!!! and how do I define the syslog
> > server's IP in the router, because I couldn't find it in my
> > Cisco book anywhere. I have the Cisco book by Todd
> > Lammle.
> >
> > Thanks in Advance
> >
> >
> >
>
>
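
The setup pieced together in this thread, as an added example that is not part of any of the posts: a shell script that prints, without applying, the router commands, the syslog.conf line and the iptables rules for one router. The addresses used with it are documentation-range placeholders, and `/var/log/router.log`, the `local5` default and the function names are assumptions.

```shell
#!/bin/sh
# Added example: print (do not apply) the settings discussed in the thread.
# Assumptions: sysklogd-style daemon on UDP/514; the log path is a placeholder.

# Succeed only if $1 is a dotted-quad IPv4 address with octets 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, bad chars, stray dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Usage: emit_syslog_setup ROUTER_IP SERVER_IP [FACILITY]
# FACILITY is limited here to local0..local7 so router logs get their own file.
emit_syslog_setup() {
    router=$1 server=$2 facility=${3:-local5}
    valid_ipv4 "$router" && valid_ipv4 "$server" || {
        echo "router and server must be IPv4 addresses" >&2; return 1; }
    case "$facility" in
        local[0-7]) ;;
        *) echo "facility must be local0..local7" >&2; return 1 ;;
    esac
    cat <<EOF
! --- on the router (IOS configuration mode) ---
logging $server
logging facility $facility
# --- /etc/syslog.conf on the server; start the daemon as: syslogd -r ---
$facility.*    /var/log/router.log
# --- firewall on the server: only the router may reach UDP/514 ---
iptables -A INPUT -p udp -s $router --dport 514 -j ACCEPT
iptables -A INPUT -p udp --dport 514 -j DROP
EOF
}

# Run stand-alone as: sh script.sh ROUTER_IP SERVER_IP [FACILITY]
if [ "$#" -ge 2 ]; then emit_syslog_setup "$@"; fi
```

Filtering on source address limits who can reach UDP/514 but does not authenticate the sender, since UDP source addresses can be forged.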


