[Gllug] DMZ to inside copy

Bruce Richardson itsbruce at uklinux.net
Thu Jan 15 14:52:21 UTC 2004


On Thu, Jan 15, 2004 at 02:36:55PM -0000, Kristian wrote:
> Hi,
> 
> Mandrake 9.2, paranoid install.
> 
> I want copy some log files from a machine in a DMZ.  The only port open is
> ssh.  There are only two users on the box, root and one other, root cannot
> login directly only through the issue of su, the other account does not have
> access to the log directory.  The machine in question does not have access
> to the inside lan.
> 
> What is the best way to automatically grab the log files from another linux
> box in the inside..? :-)

You could use scp.  With that option, you could either give the user
account read access to the logs or you could write a script that dumps a
copy of the relevant logs into the user account's homedir and put it in
a cron job or configure sudo so the user can run the script as root.

You could use e-mail.  Write a script that e-mails the logs.  OK, this
means the logs will travel over an insecure transport (over the public
internet to your gateway mail server) but you can always have the script
encrypt the logs using gpg before mailing them.  Again, this could be a
cronjob or a script the user runs.

-- 
Bruce

Remember you're a Womble.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20040115/c16760cb/attachment.pgp>
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list