<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Firewall Wizards: Re: WORM file system for logging

Re: WORM file system for logging

From: Vinci Chou <vkmchou_at_hk.super.net>
Date: Mon, 10 Aug 1998 18:13:06 +0800 (HKT)

Andreas Siegert wrote:

> This still allows tampering by the sysadmin. The original idea behind
> the WORM drive was to make it even temper proof against the admins.

We are using a small simple program running as a demon to look at those
logs we want to keep and write the logs record by record to an optical
drive on write-once media. When we need to retrieve the log, another
program read everything from the media and separate them into the original
log files. Any comments on this approach ?

However, I don't think anything could be tamper proof against the admins,
if the admins have physical access to the drive or media or the system
itself (and by definition an admin must have access to the system).

Vinci
Received on Aug 10 1998

This message: [ Message body ]
Next message: Brian Steele: "Re: Screening Outgoing Mail for Content"
Previous message: Chris Crozier: "RE: Screening Outgoing Mail for Content"
Maybe in reply to: Andreas Siegert: "WORM file system for logging"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos