Date: Tue, 15 Jan 2008 01:17:57 +0100 From: =?ISO-8859-1?Q?Jan_M=FCnther?= <jan.muenther@nruns.com> To: Tim Clewlow <tim1timau@yahoo.com> Cc: Dan Lukes <dan@obluda.cz>, freebsd security <freebsd-security@freebsd.org> Subject: Re: Anti-Rootkit app Message-ID: <478BFBB5.7000100@nruns.com> In-Reply-To: <965729.35921.qm@web50310.mail.re2.yahoo.com> References: <965729.35921.qm@web50310.mail.re2.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Tim Clewlow schrieb: > > One solution would be to have /var/log/auth.log being tailed out via a serial > port to another computer that is not accessable via a network - or have it sent > to a printer for a permanent hard-copy. It all depends on how much you really > want to do in regard to security. > A good practice is running a log host which has a cable that has only RX wires connected. Cheers, Jan -- Jan Muenther, CTO Security, n.runs AG
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?478BFBB5.7000100>