SRS (Secure Remote Streaming)
Platforms:
BSDI,
Linux,
Solaris
Categories:
Applications,
Auditing,
Cryptography,
File Integrity,
General,
Log Analysis,
Network Utilities,
Replacement,
Traffic Encryption,
Tunneling
Version: 1.0
URL: http://www.w00w00.org/files/SRS/
SRS is a program that streams a copy of a client's logs as specified by the syslog.conf file to a trusted server on a remote site. It provides strong authentication and secure communications between the client and the server through an SSL tunnel. It is intended as a replacement for syslogd. This and syslogd may NOT be running at the same time.
Features include:
- Secure logging. All communications are automatically and transparently encrypted. SSL (Secure Socket Layer) v3.0 is used for the authentication and encryption. A conventional cipher (3DES, RC4, etc.) for encrypting the session. Encryption is started before SRS authentication, and no data is streamed or transmitted in the clear
- No special configuration of syslogd is needed
- Never trusts the network. Minimal trust on the remote side of the connection. Minimal trust on domain name servers. Pure SSL authentication never trusts anything but the private key.
- The client SSL authenticates the server machine in the beginning of every connection to prevent trojan horses (by routing or DNS spoofing) and man-in-the-middle attacks, and the server SSL authenticates the client machine before accepting any commands or requests from the client. On top of this, SRS will send its own challenge cookie - Client and server keys are generated by RepSec, Inc. Each client and server is provided a unique key
