Re: [ossec-list] Encrypt traffic between agents and manager

Mon, 18 Mar 2013 10:03:54 -0700 

Hi Eero, Dan,

Thanks a lot for your quick response.
So if I got the "secure" way, I should put this in my ossec.conf on the
manager
or there is something else to do ? I want to user TCP for reliability.
what about the port, is it the correct one or I should use 1514 ?

 <remote>
    <connection>syslog</connection>
    <allowed-ips>192.168.152.138/27</allowed-ips>
    <protocol>tcp</protocol>
    <port>514</port>
  </remote>

Thanks for all of you.


Best Regards

Iqbal Aroussi
514-627-0438


On Mon, Mar 18, 2013 at 12:17 PM, dan (ddp) <[email protected]> wrote:

> On Mon, Mar 18, 2013 at 11:38 AM, Iqbal Aroussi <[email protected]> wrote:
> > Hi everyone,
> >
> > I want to inform you that I'm really new to OSSEC and I have two
> questions
> > actually.
> >
> > First:
> > I configured the manager as a central syslog, I wanted to know if there
> is a
> > way to encrypt
> > traffic between agents and manager using TLS or SSL.
> >
>
> You could probably use stunnel, but that seems like a hack. If you
> want the traffic encrypted (although not with ssl/tls) use the secure
> method instead of syslog.
>
> > Second:
> > By default OSSEC archives the logs and compresses them using gzip, is it
> > possible to use bzip2 ?
> >
>
> Only if you modify the source.
>
> > Thanks a lot in advance for your help
> >
> > Best Regards
> >
> > Iqbal Aroussi
> > 514-627-0438
> >
> > --
> >
> > ---
> > You received this message because you are subscribed to the Google Groups
> > "ossec-list" group.
> > To unsubscribe from this group and stop receiving emails from it, send an
> > email to [email protected].
> > For more options, visit https://groups.google.com/groups/opt_out.
> >
> >
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to