Hello all, I have included an (GenIII) Honeynet (based on roo) in a Project divided in several distribuited modules.
I have the necessity to send the logs generated by HoneyWall (iptables,sebek log etc.) to another module of project for analysis operations (located on another host machine ) The solutions proposed for this purpose are following: - using rcp for coping log files from HoneyWall to the host. - using shared directory between HoneyWall and host -send UDP message containing the log information Does someone of you know if this mechanism should compromise the integrity/security of HoneyWall? Or suggest a different mecchanism that should be used for receiving the logs from HoneyWall according with Honeynet Project requirements. Thanks for the feedback! Francesca _______________________________________________ Honeywall mailing list [email protected] https://public.honeynet.org/mailman/listinfo/honeywall
