Firewall Wizards mailing list archives
Re: websiite log transfers from exposed to internal nets:
From: Paul Robertson <proberts () patriot net>
Date: Sun, 22 Jun 2003 09:41:10 -0400 (EDT)
On Thu, 19 Jun 2003, R. DuFresne wrote:
Folks, I have a number of windoows/NT based systems that are in an exposed DMZ that need to transfer rotated logs to an internal unix system forlog analysis. My recommendation is to have the internal unix system pull those logs from the exposed subnet via rsync/sshd <would require cgywin besides licesngin of sshd for a windows platform>. Of course, the windows folks are ballking at this due to haivng to to setup the applications/deamons and all that, let alone licesning sshd for their platform. I see the pull coming from the inside as being the best way to control the transaction in a secure manner rather then punching a hole for their systems to push <via plain old ftp> to the inside. But, perhaps I'm seeing things in a tunnel. Is my view lopsided or skewd and dooes anyone know of a way to accomplish this chore with something more standard then sshd/rsync between these two platforms?
I don't know about more standard, but if all you're looking for is an encrypted tunnel, SSLtunnel would probably be about as good as using SSH, and not require additional licensing. The alternative would be to have the *doze boxes log to a *nix server in the DMZ, then do rsynch/ssh from in to that box- depending on the operational structure, that could be more advantageous. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () patriot net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- websiite log transfers from exposed to internal nets: R. DuFresne (Jun 22)
- Re: websiite log transfers from exposed to internal nets: Paul Robertson (Jun 22)
- Re: websiite log transfers from exposed to internal nets: Richard Threadgill (Jun 22)
- <Possible follow-ups>
- RE: websiite log transfers from exposed to internal nets: R. DuFresne (Jun 22)
- Re: RE: websiite log transfers from exposed to internal nets: Devdas Bhagat (Jun 22)
- RE: websiite log transfers from exposed to internal nets: Linc B (Jun 23)