On Thu, 15 Jun 2000, Marcin Owsiany wrote: > Depends on your exact mail setup, I think. Maybe make a script that would > download the logs to some other box using scp and mail them locally then to > your account's mailbox. If you're downloading mail via POP to some other > box, you may do it via an ssh tunnel.
Not the best way, I think... make a script that connects *to* the firewall with scp, and pulls the logs off it - if you have a script on the firewall that can automatically copy files to a remote site, then anyone who manages to get into the firewall automatically has a shell acount on that remote site... wheras with proper defensive programming, a script that pulls the data *from* the firewall remains safe, even if the data is tampered with. Of course, you then have a "free" account on the firewall, but if you create an RSA keyset that is *only* used for that *one* firewall, it should be secure. -- Charles Cooke, Network Engineer HighwayOne Corporation Ltd.
