Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Benefit of using Loopback address on a switch/router for Syslog traffic

Posted on 2009-06-29
6
Medium Priority
?
1,687 Views
Last Modified: 2012-05-07
Anyone know what the benefit is as far as security goes in using a loopback address as the source address for a switch/router's Syslog traffic?  How is the loopback address used here?
0
Comment
Question by:elly960
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
6 Comments
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24739624
Hello,

protecting requests to syslog files is very important, it is a recommended pratice, in case you need to access the device

 i found a post from cisco which discusses the importance of the loopback interface

http://www.ciscopress.com/articles/article.asp?p=27137

i also found another pertaining to said practice

http://thwack.com/blogs/geekspeak/archive/2008/09/30/the-value-of-manging-via-loopback-addresses.aspx

heres an example of a configuration taken from

http://www.seccug.org/Presentations/CiscoUniv-20060406.ppt

                     access-list 80 permit 10.0.1.101
      access-list 90 permit 10.0.1.101
      snmp-server community .* RO 80
      snmp-server community .* RW 90
      snmp-server host 10.0.1.101 .*
      logging 10.0.1.101
      logging source-interface Loopback0
      logging facility syslog
      snmp-server enable traps tty
0
 
LVL 7

Expert Comment

by:tankergoblin
ID: 24739795
loopback is use to test on network functionality. It also use for some application applications to work together by intersocket communication - localhost provides that address so that the elements can all work on the same PC. It also enables you to run a web/ftp/ any other server on the same PC that you are working on without having to know the allocated IP address from a DHCP server.To make things short,  it just makes life a lot simpler, and prevents anyone having to worry about the complexities of the outside world if the 2 processes are on the same machine.

0
 

Author Comment

by:elly960
ID: 24747472
jfer0x01,
When I read articles regarding the loopback address, the articles have one common point which is that it provides Availability to due to its virtual interface.  I understand the importance of this.  However, I'm still kind of fuzzy about the loopback address in relation to syslog files/traffic.   Is it important to use a loopback address with syslog traffic because we want syslog traffic to be failsafe?  or is there another reason like a hacker can't get to the source of the syslog traffic if we use a loopback address since it's virtual?  I still can't find any good discussion or article on this.
Thanks.
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
LVL 9

Accepted Solution

by:
jfer0x01 earned 150 total points
ID: 24759831
Hello,

protecting the information is your goal

if you can only reach it via loopback device, it determines that you must be physically connected to the device, and no eavesdropping can occur for this information

it is an old practice, that is still used

http://ws.edu.isoc.org/data/2003/9642836473fa01ff7e00d9/loopback-1up.pdf

The first couple of slides explains the benefits of this method

Jfer
0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24817536
Any more questions?

0
 
LVL 9

Expert Comment

by:jfer0x01
ID: 24891033
Hi,

please award points or close question

Jfer
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question