summaryrefslogtreecommitdiffstats
path: root/debian/python-dmidecode.substvars
diff options
context:
space:
mode:
Diffstat (limited to 'debian/python-dmidecode.substvars')
0 files changed, 0 insertions, 0 deletions
generated by cgit (git 2.34.1) at 2026-04-19 12:56:59 +0000
71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><title>TLS-protected syslog: recommended scenario</title>
</head>
<body>

<h1>Encrypting Syslog Traffic with TLS (SSL)</h1>
<p><small><i>Written by <a href="http://www.adiscon.com/en/people/rainer-gerhards.php">Rainer
Gerhards</a> (2008-06-17)</i></small></p>
<ul>
<li><a href="rsyslog_secure_tls.html">Overview</a>
<li><a href="tls_cert_scenario.html">Sample Scenario</a>
<li><a href="tls_cert_ca.html">Setting up the CA</a>
<li><a href="tls_cert_machine.html">Generating Machine Certificates</a>
<li><a href="tls_cert_server.html">Setting up the Central Server</a>
<li><a href="tls_cert_client.html">Setting up syslog Clients</a>
<li><a href="tls_cert_udp_relay.html">Setting up the UDP syslog relay</a>
<li><a href="tls_cert_summary.html">Wrapping it all up</a>
<li><a href="tls_cert_errmsgs.html">Frequently seen Error Messages</a>
</ul>

<h2>Overview</h2>
<p>This document describes a secure way to set up rsyslog TLS. A secure logging
environment requires more than just encrypting the transmission channel. This document
provides one possible way to create such a secure system.
<p>Rsyslog's TLS authentication can be used very flexible and thus supports a 
wide range of security policies. This section tries to give some advise on a 
scenario that works well for many environments. However, it may not be suitable 
for you - please assess you security needs before using the recommendations 
below. Do not blame us if it doesn't provide what you need ;)</p>
<p>Our policy offers these security benefits:</p>
<ul>
	<li>syslog messages are encrypted while traveling on the wire</li>
	<li>the syslog sender authenticates to the syslog receiver; thus, the 
	receiver knows who is talking to it</li>
	<li>the syslog receiver authenticates to the syslog sender; thus, the sender 
	can check if it indeed is sending to the expected receiver</li>
	<li>the mutual authentication prevents man-in-the-middle attacks</li>
</ul>
<p>Our secrity goals are achived via public/private key security. As such, it is 
vital that private keys are well protected and not accessible to third parties. 
<span style="float: left">
<script type="text/javascript"><!--
google_ad_client = "pub-3204610807458280";
/* rsyslog doc inline */
google_ad_slot = "5958614527";
google_ad_width = 125;