Re: Rooted
From: beakburke (beakburke@netscape.net)
Date: 04/21/03
- Next message: Jem Berkes: "Re: Rooted"
- Previous message: Walter Dnes: "Re: Rooted"
- In reply to: erik: "Re: Rooted"
- Next in thread: Jem Berkes: "Re: Rooted"
- Reply: Jem Berkes: "Re: Rooted"
- Reply: George: "Re: Rooted"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: beakburke <beakburke@netscape.net> Date: Sun, 20 Apr 2003 18:47:56 -0500
> Wrong suggestion. Who will prevent the cracker to mount the other
> partition? Correct. Nobody. _The_ way to go is us a secure loghost if
> one can afford it. For business use this is an absolute need. There
> simply is no better solution.
>
> EJ
The best solution i've ever heard of was directing your log output,
especaily if you have an IDS, to a line printer. That way they are
unable to erase logs unless they have physical access to the
printer/machine. Pretty hard to erase a paper trail.
- Next message: Jem Berkes: "Re: Rooted"
- Previous message: Walter Dnes: "Re: Rooted"
- In reply to: erik: "Re: Rooted"
- Next in thread: Jem Berkes: "Re: Rooted"
- Reply: Jem Berkes: "Re: Rooted"
- Reply: George: "Re: Rooted"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
