SDSC Secure Syslog
Wee writes "I saw this morning that the San Diego Supercomputer Center has released Secure Syslog, a replacement for the standard Linux/UNIX syslog daemon they've been working on for some time. It adds security and performance features (modular design, highly scalable), while retaining backwards compatibility. According to their announcement, it is the first syslog implementation to target "syslog-reliable" (RFC 3195) functionality and it is the first syslog targeted at very high performance and forensically-sound auditing. It's currently under the UC's "free for non-commercial use" license, but they are looking at moving to a completely open license (BSD-style licensing was mentioned). If you have high-traffic systems and you need reliable syslogging, this might be worth a look. Those needing syslogging over TCP/BEEP, sockets, etc. as well as UDP might also want to check it out."
free for slow adoption.
the sooner more people can use it, the sooner corporate products will have to support it, and the more secure we all can hopefully be.
after all, we haven't had much luck getting the newer snmp versions deployed.
ostiguy
"a replacement for the standard Linux/UNIX syslog daemon they've been working on for some time....it's currently under the UC's "free for non-commercial use" license, but they are looking at moving to a completely open license (BSD-style licensing was mentioned)."
Sorry to sound like a weenie, but if it's not GPL'd I'm not interested. This is one of those "core parts" I'm usually talking about that needs to be GPL if it's going to get included in every distro. I know there are important parts of every linux distro that aren't GPL, but the more software we add that isn't GPL the worse off we are. Don't get me wrong, I'm all for proprietary add-on software (desktop/server apps, games etc.) for linux, but the core software, i.e. base OS, system utilities, desktop WM, internet browser/connection software and basic office capabilities need to be GPL.
If you wanna get rich, you know that payback is a bitch
What do you use for webserving?
... his comment appears to be a more naive equation of Free Software==GPL, which of course is mistaken, as you correctly point out. Free software can be public domain, it can be BSD licensed, it can be Artistically licensed, it can be apache licensed, it can be LGPLed, indeed, it can be licensed under any number of such licenses.
... people often say provocative things in making very valid points.
... he simply needs to educate himself on the nuances of free software licenses, and the difference between free software and the GPL, which is merely a subset thereof. Hardly a sign of idiocy, merely a sign of ignorance, a condition that is easily corrected.
He probably uses apache, although he could be using any one of several free webservers, some of which are in fact GPLed.
Either you're an idiot or you're trolling. There is no in between. Personally, I think you're an idiot.
It is a pity you make such a good point about the diversity of free software licenses available, then ruin it with that sort of inane flamage.
First, he may or may not be trolling. I suspect probably not (but I could be wrong).
Second, to say there is no in between is foolish. Almost as foolish as Dubya's "you're with us or you're with the terrorists," which the Iranians quite correctly rebutted with "we are neither with you, nor are we with the terrorists, and you sir are a pathetic simpleton" (a nuance obviously lost on our current regime). There is a huge middle ground.
Finally, he is hardly an idiot. Naive in equating the GPL with free software, but had his comment replaced the term GPL with "free software" it would have been very valid and on point. The core UNIX utilities and operating system need to be free software, unencumbered by constraints such as "no commercial use" (or the asinine "no use to violate human rights", where the definition of human rights varies from county to county, state to state, and very obviously nation to nation). On that point he is correct.
The Future of Human Evolution: Autonomy
But the point is that standard syslog still runs over the unreliable UDP transport and has no authentication to prevent forged log entries.
If the UDP packet happens to be dropped along the way (perhaps flooding a router or network with traffic to hope for packet loss), it won't make it into the logs.
Also, since there is no authentication and it's easy to forge a UDP packet, it would be possible for an attacker to carry out a DoS attack against your log server by filling it with useless data and filling up the disk.
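The two gaps raised in the comment above (lost datagrams and forged entries), shown as an added example that is not part of the thread and is not SDSC Secure Syslog's or RFC 3195's mechanism: each record carries a sequence number and an HMAC under a shared key, so the collector can reject forged or replayed records and report dropped ones. The key, the record layout and the names `sign` and `audit` are assumptions, and the log lines are constructed.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: secret shared by sender and collector


def _tag(body: str, key: bytes) -> str:
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()


def sign(seq: int, msg: str, key: bytes = KEY) -> str:
    """Sender: prefix a sequence number, append an HMAC-SHA256 tag."""
    body = f"{seq} {msg}"
    return f"{body} mac={_tag(body, key)}"


def audit(datagrams, key: bytes = KEY):
    """Collector: return (accepted, rejected, missing sequence numbers)."""
    accepted, rejected, seen = [], [], set()
    for raw in datagrams:
        body, sep, tag = raw.rpartition(" mac=")
        # Constant-time compare; a record with no tag or a bad tag is forged.
        if not sep or not hmac.compare_digest(tag.encode(), _tag(body, key).encode()):
            rejected.append(raw)
            continue
        seq = int(body.split(" ", 1)[0])
        if seq in seen:  # authentic but already received: replayed datagram
            rejected.append(raw)
            continue
        seen.add(seq)
        accepted.append((seq, body.split(" ", 1)[1]))
    # Any number below the highest one seen that never arrived was dropped.
    missing = sorted(set(range(1, max(seen, default=0) + 1)) - seen)
    return accepted, rejected, missing


def demo():
    # Constructed sample records; 192.0.2.10 is a documentation address.
    sent = [sign(i, m) for i, m in enumerate([
        "<38>sshd[411]: Failed password for root from 192.0.2.10",
        "<38>sshd[411]: Failed password for root from 192.0.2.10",
        "<38>sshd[411]: Accepted password for root from 192.0.2.10",
        "<86>su[502]: session opened for user root",
    ], start=1)]
    forged = "2 <13>cron[1]: nothing to see here mac=" + "0" * 64
    # Record 3 is lost in transit, one forgery is injected, record 1 is replayed.
    return audit([sent[0], sent[1], forged, sent[3], sent[0]])


if __name__ == "__main__":
    print(demo())
```

A gap is only visible once a later record arrives, so a loss at the very end of a stream needs a periodic heartbeat record to surface.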