Product Ideas Portal

Got an idea for a new feature? Maybe a tweak to make something work even better? Wish there was an integration with another product to make you even more productive? You've come to the right place.

The Product Ideas Portal lets you submit whatever product feedback you have, good, bad, ugly, and anywhere between.

Want to stay anonymous? Don't worry, no email address or name fields are shared on the public portal. You can create an account which lets you vote on other people's ideas and receive updates when your idea's status changes.

To learn more about how an idea becomes a feature, check out this infographic.

13 Vote

Mutual TLS authentication on SYSLOG-over-TLS connections with X.509 client certificates

The SYSLOG protocol contains no provision for authentication. Without authentication, it's possible for an attacker to spoof or masquerade as the legitimate source (Remote Support appliance) and to inject bogus event information to the SYSLOG receiver.

TLS mutual authentication provides a means for the SYSLOG receiver to authenticate the SYSLOG sender, by checking the fingerprint of the TLS client certificate.

If the transport receiver does not authenticate the transport sender, it may accept data from an attacker. Unless it has another way of authenticating the source of the data, the data should not be trusted. This is especially important if the syslog data is going to be used to detect and react to security incidents.

The transport receiver may also increase its vulnerability to denial of service, resource consumption, and other attacks if it does not authenticate the transport sender. Because of the increased vulnerability to attack, this type of configuration is NOT RECOMMENDED.

RFC 5425 requires that both syslog transport sender (TLS client) and syslog transport receiver (TLS server) MUST implement certificate-based authentication.

Further, RFC 5245 requires that implementations MUST support specifying the authorized peers using certificate fingerprints, as described in Section 4.2.1 and
Section 4.2.2.

Without support for TLS client certificates, BeyondTrust's implementation of SYSLOG-over-TLS is not compliant with RFC 5425 and exposes customers' transport receivers to spoofing and masquerade attacks.

  • Guest
  • May 7 2020
  • Future consideration
  • Attach files
  • Guest commented
    1 Jul 07:54am

    i am in love with this game_ friday night funkin

  • Guest commented
    5 Feb 07:15am

    Technical things are explained and displayed in a very decent manner on this blog page. Keep sharing more updates like this. This blog post is about drupal 7 update manager clogging up. Such updates are very necessary for the proper management of softwares.<a href=""> best reluctant chiller trucks</a>