Backups & Monitoring

From: anindya (anindya@goonda.org)
Date: 06/26/02

• Previous message: Ian Peters: "RE: Gateway IDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 26 Jun 2002 16:33:04 -0400 (EDT)
From: anindya <anindya@goonda.org>
To: focus-ids@securityfocus.com

Hey folks,

I have general questions for you folks about backups of IDS
historical data. In general:

1) How long are you archiving old IDS logs for? I've heard
   everything from 2 weeks to 2 years.
2) Are your backups separate from the regular backups that
   occur of other hosts on the network? i.e. a local
   jukebox, netapp, whatever? Are the tapes/DVDs,
   being stored separately?
3) Are any of you encrypting the IDS logs pre-backup?

If you _don't_ decide to put the sensor admin interface on the
internal network (more secure), then how are you
doing proactive host monitoring? I think the benefits
of being able to leverage an existing monitoring
and backup solution may outweigh the potential
security benefit. What do you think?

Thanks,
--Anindya

---

• Previous message: Ian Peters: "RE: Gateway IDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > focus-ids  > 2002-06