[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] automating IP blocking on the firewall

Subject: [ale] automating IP blocking on the firewall
From: hne at hopnet.net (Keith Hopkins)
Date: Mon, 01 Jul 2002 22:59:15 +0900

James P. Kinney III wrote:
> Run it from the firewall box.
> At the top, setup a scp connection and grap the remote logs and dump
> them into /tmp. The change the $log def to point the /tmp instead. If
> you setup key authentication for ssh, you can run scp -B
> user at remote:/var/log/httpd/error* /tmp/httpd/
> 
> Or an rsync process could be called to keep a copy of the remote logs
> synched with the firewall box.
> 

I'm thinking something along those lines, but I want to push from the web server.  I want the firewall as isolated as possible, incase it gets hacked, it has no open doorway to any other machine.  Having the firewall open to the web server is OK.  I thinking about keeping a master list on the web server, pushing it down whenever it is updated (or 5 min, whichever is longer).  Don't want to much overhead on the firewall, as it is a slim to bare metal machine.

rsync is a maybe.

-- 
Lost in Tokyo,
   Keith

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

Prev by Date: [ale] something's eating cycles
Next by Date: [ale] something's eating cycles
Previous by thread: [ale] Linux on Laptops
Next by thread: [ale] OT: Free Books
Index(es):
- Date
- Thread