- Training
- Training - ALL
- Training - US / Canada
- Training - EMEA
- Training - International
- Training - Virtual
- SANS Courses
- Courses - Best Sellers
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Career Roadmap
- Certified Instructors
- Work Study
- Group Discounts
- Events Archive
- DoD 8570
- Voucher Credit Program
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
A Security Analysis of System Event Logging with Syslog
- Abstract
- An analysis of the system event logging protocol, syslog is discussed. A review of the problems with the syslog protocol are described. Theses security problems include the transmission of system log data in clear text, use of UDP for network transfer and storage of event data in clear text. A survey of some of the syslog replacements was done. The paper concludes with a discussion of how one might go about creating a reasonably secure logging infrastructure.