I'd like to see some consideration of partial solutions that can be implemented rapidly and widely, now, without waiting for the world's responsible OS vendors to implement a new log protocol that we're now inventing.

From I have been most concerned about authentication of log reports, and scenarios in which an attacker interested in a particular device is able to "chaff" the event logging system with bogus reports that claim to be from

---------------------- Forwarded by Alex Brown/US/3Com on 10/20/99 02:26 PM ---------------------------

[EMAIL PROTECTED] on 10/20/99 02:24:44 PM

Please respond to [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]

To: Emiliano Kargieman <core.lists.syslog-sec @core-sdi.com>
cc: [EMAIL PROTECTED] (Alex Brown/US/3Com)
Subject: Re: [syslog-sec] Re: timestamps and timezones (was: time-sync)

[EMAIL PROTECTED] wrote:

"I think UDP support must be in, for a lot of applications unreliability is not a big issue but a protocol that's easily implementable on embedded systems is."

Thank you! This is the first comment I've seen recognizing my concerns.

Alex Brown <[EMAIL PROTECTED]> +1 508 323 2283
Living with existing syslogd
by way of "Chris M. Lonvick" <[EMAIL PROTECTED]> Mon, 10 Apr 2000 10:14:25 -0700
