SysLog-NG: Secure communication

Good morning experts!

I have "syslog-ng" installed on a "Fedora Core 4" which receives logs from my PIX.  Now that I've established connectivity with my PIX, I am wanting to secure the communication between the two devices.  Been doing some reading (and more reading), but does anybody know of a link which can show me the step by step process as to how to establish an SSL between my syslog-ng server and my PIX?  I think this is what I need?

As always, thank you!  In advance for your time on this matter.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

> which receives logs from my PIX
Do You want the PIX to log to Your linux via ssl/ssh tunnel? I'm afraid it's impossible. remote logginig is done with UDP protocol, which in turn is unreliable for ssl tunelling.
Even it was TCP and You would present ssl port on Your linux (which is easily done with stunnel or ssh) You can't hack the PIX to send its logs on ssl link - right?
BinaryJobAuthor Commented:
What about using "stunnel"?  This is the part where I get confuse.  Where does "stunnel" come into play.  Tried searching this site and not much info.   Currently doing a google, and still reviewing the results.
> Where does "stunnel" come into play.
does your PIX support stunnel? can you start stunnel on your PIX?
if not, it doesn't play.

If your PIX sends the the messages using SSL to a specified tcp port on your syslog-host, then start stunnel on the syslog-host and redirect to the proper port (514) there. In syslog-ng-conf you then probably need
  options { keep_hostname(yes); };
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

PIX does not send messages over SSL tunnel.
The stunnel was an example, that even if You could expose ssl port on Your linux box (stunnel is the proper tool - ssl wrapper), You PIX would not use it...

The Syslogd-NG itself doesn't support encryption and neither authentication of packets. :(

So, as other EE users spoken, you can use stunnel, that is a application that create a tunnel in bothe side applications, with intention to "give support to add encryption" to softwares that doesn't implement it.

The big deal is, your PIX should have SSL support, so you are in a bad situation.

A workarround is create,  ( via cross over cable) a linxu box, that will recive logs from PIX, so in other interface, it use stunnel and resend to original Syslogd-NG. :)

In other hand, use stunnel itself, already is a workarround and enhance the chance of problems...

Hope this help.

Solved the problem ? :)
sounds that there is no solution yet
if the other experts agree I'd PAQ with refund
I don't have nothing to add, since the author doesn't say if it worked or not...

ps: What means "refund" ?

PAQed with points refunded (500)

Community Support Moderator

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Security

From novice to tech pro — start learning today.