Ausnahme gefangen: SSL certificate problem: certificate is not yet valid 📌 Encrypting local syslog traffic?

🏠 Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeiträge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden Überblick über die wichtigsten Aspekte der IT-Sicherheit in einer sich ständig verändernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch übersetzen, erst Englisch auswählen dann wieder Deutsch!

Google Android Playstore Download Button für Team IT Security

RSS Feed Symbol für Team IT Security

800+ IT News als RSS Feed abonnieren

Thema auswählen:

📚 Encrypting local syslog traffic?

🕛 Zeit seit Veröffentlichung: 1018 Tage, 4 Stunden 27 Minuten
📆 Veröffentlicht am: 23.06.2021 um 23:56 Uhr
💡 Newskategorie: Linux Tipps
🔗 Quelle: reddit.com

Security audit team is citing us for not encrypting logs for our local traffic, which resides behind a Firewall sitting in an isolated network behind another firewall. We are using Graylog and they are saying we need to set it up to use TCP+TLS which is obviously doable but i'm trying to figure out why. To me this is a non-issue and they are just citing AU-09 of NIST800-53 as a reason:

" AU-09: The information system protects audit information and audit tools from unauthorized access, modification, and deletion"

I've always read that control as referring to data at rest on the system, since it references tools as well. But they said that MP-2 is for that. Does anyone actively do this in their corp environments and can provide a justifiable reason? It's silly and cumbersome to me if the logs are not going out of network, and if someone is actively sniffing all the logs they have popped the log server or a system on it's VLAN and we have WAAAAAAY bigger issues then them sniffing out a few logs.

submitted by /u/bfrown
[link] [comments] ...

Sharing is caring on Social Media

Join the Team IT Security Community

📌 Encrypting local syslog traffic?

🕛 1018 Tage, 3 Stunden 37 Minuten
📆 23.06.2021 um 23:56 Uhr
📈 51.67 Punkte

📌 [local] SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path

🕛 1610 Tage, 13 Stunden 21 Minuten
📆 08.11.2019 um 01:00 Uhr
📈 42.72 Punkte

📌 #0daytoday #SolarWinds Kiwi Syslog Server 8.3.52 - (Kiwi Syslog Server) Unquoted Service Path Vulne [#0day #Exploit]

🕛 1611 Tage, 12 Stunden 4 Minuten
📆 08.11.2019 um 15:07 Uhr
📈 36.68 Punkte

📌 What program is great for encrypting individual files on Windows instead of encrypting entire volumes like with VeraCrypt?

🕛 1602 Tage, 23 Stunden 7 Minuten
📆 17.11.2019 um 04:37 Uhr
📈 35.22 Punkte

📌 Using only 1 secure way of encrypting traffic vs more than 1

🕛 1933 Tage, 3 Stunden 6 Minuten
📆 22.12.2018 um 00:10 Uhr
📈 27.29 Punkte

📌 Stream Cipher for Encrypting Network Traffic?

🕛 1790 Tage, 6 Stunden 50 Minuten
📆 13.05.2019 um 20:56 Uhr
📈 27.29 Punkte

📌 DoH disabled by default in Firefox on OpenBSD: «While encrypting DNS might be a good thing, sending all DNS traffic to Cloudflare by default is not a good idea. Applications should respect OS-configured settings.»

🕛 1667 Tage, 6 Stunden 52 Minuten
📆 13.09.2019 um 21:30 Uhr
📈 27.29 Punkte

📌 80% of all Android apps are encrypting traffic by default

🕛 1586 Tage, 7 Stunden 37 Minuten
📆 03.12.2019 um 19:00 Uhr
📈 27.29 Punkte

📌 Unpatched iOS Bug Blocks VPNs From Encrypting All Traffic

🕛 1472 Tage, 9 Stunden 21 Minuten
📆 26.03.2020 um 18:54 Uhr
📈 27.29 Punkte

📌 Security In 5: Episode 608 - Interesting Story About Police Encrypting Radio Traffic

🕛 1627 Tage, 12 Stunden 21 Minuten
📆 23.10.2019 um 15:11 Uhr
📈 27.29 Punkte

📌 Unpatched iOS Bug Blocks VPNs From Encrypting All Traffic

🕛 1472 Tage, 3 Stunden 6 Minuten
📆 27.03.2020 um 01:02 Uhr
📈 27.29 Punkte

📌 Researchers Find Bug Existing Since iOS 13.3.1 Which Interferes With VPNs Encrypting Traffic

🕛 1468 Tage, 12 Stunden 51 Minuten
📆 30.03.2020 um 14:49 Uhr
📈 27.29 Punkte

📌 [local] - SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation

🕛 2756 Tage, 7 Stunden 21 Minuten
📆 19.09.2016 um 02:00 Uhr
📈 24.38 Punkte

📌 [local] - SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation

🕛 2756 Tage, 7 Stunden 21 Minuten
📆 19.09.2016 um 02:00 Uhr
📈 24.38 Punkte

📌 Vuln: Kiwi Syslog Server and Kiwi CatTools Local Privilege Escalation Vulnerability

🕛 1958 Tage, 17 Stunden 44 Minuten
📆 26.11.2018 um 01:00 Uhr
📈 24.38 Punkte

📌 Vuln: Kiwi Syslog Server and Kiwi CatTools Local Privilege Escalation Vulnerability

🕛 1958 Tage, 17 Stunden 44 Minuten
📆 26.11.2018 um 01:00 Uhr
📈 24.38 Punkte

📌 Vuln: Self-Encrypting Drives CVE-2018-12038 Local Security Bypass Vulnerability

🕛 1977 Tage, 18 Stunden 32 Minuten
📆 06.11.2018 um 01:00 Uhr
📈 23.65 Punkte

📌 Vuln: Self-Encrypting Drives CVE-2018-12037 Local Security Bypass Vulnerability

🕛 1977 Tage, 18 Stunden 32 Minuten
📆 06.11.2018 um 01:00 Uhr
📈 23.65 Punkte

📌 Web-Traffic-Generator - A Quick And Dirty HTTP/S "Organic" Traffic Generator

🕛 2035 Tage, 12 Stunden 36 Minuten
📆 10.09.2018 um 14:36 Uhr
📈 19.37 Punkte

📌 Website Traffic Generator - Babylon Traffic

🕛 1748 Tage, 10 Stunden 52 Minuten
📆 24.06.2019 um 17:17 Uhr
📈 19.37 Punkte

📌 Apache Traffic Control Traffic Router TCP Connection Slowloris denial of service

🕛 1626 Tage, 8 Stunden 50 Minuten
📆 24.10.2019 um 17:16 Uhr
📈 19.37 Punkte

📌 On a scale from 1 to 100 where 1 is "lol plaintext" and 100 is NSA level stuff, how secure is normal web traffic, assuming common practices like TLS, CSRF tokens, etc, how secure is web traffic?

🕛 1543 Tage, 3 Stunden 8 Minuten
📆 16.01.2020 um 00:12 Uhr
📈 19.37 Punkte

📌 NSA 'Traffic Shaping' Can Divert US Internet Traffic For Easier Monitoring

🕛 2471 Tage, 12 Stunden 37 Minuten
📆 01.07.2017 um 15:34 Uhr
📈 19.37 Punkte

📌 Bad bot traffic increases, comprising almost one quarter of all website traffic

🕛 1444 Tage, 22 Stunden 6 Minuten
📆 23.04.2020 um 05:30 Uhr
📈 19.37 Punkte

📌 NeDi 1.9C Nodes Traffic /Nodes-Traffic.php md/ag os command injection

🕛 1132 Tage, 12 Stunden 35 Minuten
📆 01.03.2021 um 15:52 Uhr
📈 19.37 Punkte

📌 FB-Traffic (früher: Fritz!Box Traffic) 1.1.7314.41 Englisch

🕛 1053 Tage, 17 Stunden 52 Minuten
📆 19.05.2021 um 10:56 Uhr
📈 19.37 Punkte

📌 Become a Traffic Wizard: A Beginner's Guide to Routing Traffic with Apache AGE

🕛 363 Tage, 4 Stunden 2 Minuten
📆 10.04.2023 um 00:11 Uhr
📈 19.37 Punkte

📌 Artificial Inflation of Traffic: So schadet SMS Traffic Pumping

🕛 61 Tage, 23 Stunden 1 Minuten
📆 05.02.2024 um 05:04 Uhr
📈 19.37 Punkte

📌 The Traffic Police 🚨 - Controlling outgoing traffic with mirrord

🕛 40 Tage, 11 Stunden 12 Minuten
📆 26.02.2024 um 16:02 Uhr
📈 19.37 Punkte

📌 Apache Traffic Control Traffic Router TCP Connection Slowloris Denial of Service

🕛 2460 Tage, 20 Stunden 3 Minuten
📆 10.07.2017 um 00:00 Uhr
📈 19.37 Punkte

📌 Ntopng - Web-based Traffic And Security Network Traffic Monitoring

🕛 1864 Tage, 13 Stunden 52 Minuten
📆 28.02.2019 um 13:37 Uhr
📈 19.37 Punkte

📌 Ntopng - Web-based Traffic And Security Network Traffic Monitoring

🕛 1864 Tage, 13 Stunden 52 Minuten
📆 28.02.2019 um 13:37 Uhr
📈 19.37 Punkte

📌 Modifying Network Traffic in Linux: 4 cases when you might need to modify network traffic

🕛 563 Tage, 8 Stunden 52 Minuten
📆 21.09.2022 um 18:54 Uhr
📈 19.37 Punkte

📌 RedditC2 - Abusing Reddit API To Host The C2 Traffic, Since Most Of The Blue-Team Members Use Reddit, It Might Be A Great Way To Make The Traffic Look Legit

🕛 369 Tage, 12 Stunden 33 Minuten
📆 03.04.2023 um 14:30 Uhr
📈 19.37 Punkte

📌 API7 Enterprise's Canary Traffic Shifting Strategy for Precise Traffic Control

🕛 68 Tage, 18 Stunden 42 Minuten
📆 29.01.2024 um 08:48 Uhr
📈 19.37 Punkte

matomo