Solved

Benefit of using Loopback address on a switch/router for Syslog traffic

Posted on 2009-06-29
6
1,649 Views
Last Modified: 2012-05-07
Anyone know what the benefit is as far as security goes in using a loopback address as the source address for a switch/router's Syslog traffic?  How is the loopback address used here?
0
Comment
Question by:elly960
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
6 Comments
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24739624
Hello,

protecting requests to syslog files is very important, it is a recommended pratice, in case you need to access the device

 i found a post from cisco which discusses the importance of the loopback interface

http://www.ciscopress.com/articles/article.asp?p=27137

i also found another pertaining to said practice

http://thwack.com/blogs/geekspeak/archive/2008/09/30/the-value-of-manging-via-loopback-addresses.aspx

heres an example of a configuration taken from

http://www.seccug.org/Presentations/CiscoUniv-20060406.ppt

                     access-list 80 permit 10.0.1.101
      access-list 90 permit 10.0.1.101
      snmp-server community .* RO 80
      snmp-server community .* RW 90
      snmp-server host 10.0.1.101 .*
      logging 10.0.1.101
      logging source-interface Loopback0
      logging facility syslog
      snmp-server enable traps tty
0
 
LVL 7

Expert Comment

by:tankergoblin
ID: 24739795
loopback is use to test on network functionality. It also use for some application applications to work together by intersocket communication - localhost provides that address so that the elements can all work on the same PC. It also enables you to run a web/ftp/ any other server on the same PC that you are working on without having to know the allocated IP address from a DHCP server.To make things short,  it just makes life a lot simpler, and prevents anyone having to worry about the complexities of the outside world if the 2 processes are on the same machine.

0
 

Author Comment

by:elly960
ID: 24747472
jfer0x01,
When I read articles regarding the loopback address, the articles have one common point which is that it provides Availability to due to its virtual interface.  I understand the importance of this.  However, I'm still kind of fuzzy about the loopback address in relation to syslog files/traffic.   Is it important to use a loopback address with syslog traffic because we want syslog traffic to be failsafe?  or is there another reason like a hacker can't get to the source of the syslog traffic if we use a loopback address since it's virtual?  I still can't find any good discussion or article on this.
Thanks.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 9

Accepted Solution

by:
jfer0x01 earned 50 total points
ID: 24759831
Hello,

protecting the information is your goal

if you can only reach it via loopback device, it determines that you must be physically connected to the device, and no eavesdropping can occur for this information

it is an old practice, that is still used

http://ws.edu.isoc.org/data/2003/9642836473fa01ff7e00d9/loopback-1up.pdf

The first couple of slides explains the benefits of this method

Jfer
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24817536
Any more questions?

0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24891033
Hi,

please award points or close question

Jfer
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question