[lug] sending log files to another machine

Michael Deck deckm at cleansoft.com
Mon Jan 10 14:36:42 MST 2000 

Something I do (for other purposes) is

cat log_file | mail user at machine

I often do this in various cron jobs so that I can see the output. If you 
aren't sending stuff that contains security info, but just logs, and it 
isn't too immense, it might be the ticket. Another nice thing is that every 
morning a little file winds up in my in-basket and I can just see if 
there's anything out of whack. If you had a little email sniffer job 
running at user at machine, you could download these guys and 
parse/analyze/store them.

Just a thought.

-Mike

At 01:37 AM 1/10/00 -0700, winrip wrote:
>  I'm hoping someone in the group can help me out with this request.  I
>resently noticed, after a reboot no less, that my issue and issue.net
>files have had a couple words changed since I made modifications to them
>a week ago. Only to words have been changed but I don't like the fact
>that I didn't put them there. I've checked the log files, I've checked
>file creation dates on files I feel someone would want to at least peek
>into but everything seems in order. Portsentry reports no unusual
>activity, at least the logs haven't been changed since last I looked.
>the only services I have open, besides what ports portsentry opens to
>monitor, are httpd, ftp, and telnet. Telnet is running via a bogus
>deamon that just logs username and password attempts and does not have
>the ability to log someone into the system. Ok history is complete on to
>the question.
>
>  What I would like to do is every so often is copy the log files to
>another machine. Now what would be the best way to do this? I know NFS
>is insecure, I could use cron and an expect script to write the files to
>a dos partition on another machine, but I don't want to do that. So I'm
>just looking for suggestions of the most secure way to write these files
>to another machine. Once on the other machine I was thinking of writing
>them to CDR so I have a copy that I know hasn't changed since it was
>written.
>
>  Over Kill for a home system? I think not.....heheh
>
>Thanks for the help.
>Bill.
>
>
>_______________________________________________
>Web Page:  http://lug.boulder.co.us
>Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug


Michael Deck
Cleanroom Software Engineering, Inc.

More information about the LUG mailing list