Re: websiite log transfers from exposed to internal nets:

[Paul Robertson <proberts () patriot net>]

On Thu, 19 Jun 2003, R. DuFresne wrote:

> Folks,
>
> I have a number of windoows/NT based systems that are in an exposed DMZ
> that need  to transfer rotated logs to an internal unix system forlog
> analysis.  My recommendation is to have the internal unix system pull
> those logs from the exposed subnet via rsync/sshd <would require cgywin
> besides licesngin of sshd for a windows  platform>.  Of course, the
> windows folks are ballking at this due to haivng to to setup the
> applications/deamons and all that, let alone licesning sshd for their
> platform.  I see the pull coming from the inside as being the best way to
> control the transaction in a secure manner rather then punching a hole for
> their systems to push <via plain old ftp> to the inside.  But, perhaps I'm
> seeing things in a tunnel.  Is my view lopsided or skewd and dooes anyone
> know of a way to accomplish this chore with something more standard then
> sshd/rsync between these two platforms?

I don't know about more standard, but if all you're looking for is an 
encrypted tunnel, SSLtunnel would probably be about as good as using SSH, 
and not require additional licensing.

The alternative would be to have the *doze boxes log to a *nix server in 
the DMZ, then do rsynch/ssh from in to that box- depending on the 
operational structure, that could be more advantageous.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards