Date: Sun, 11 Jul 1999 18:36:48 +0200 From: Eivind Eklund <eivind@FreeBSD.ORG> To: Warner Losh <imp@village.org> Cc: proff@suburbia.net, alla@sovlink.ru, avalon@coombs.anu.edu.au, security@FreeBSD.ORG Subject: Re: Syslog alternatives? Message-ID: <19990711183648.A597@bitbox.follo.net> In-Reply-To: <199907091638.KAA20428@harmony.village.org>; from Warner Losh on Fri, Jul 09, 1999 at 10:38:16AM -0600 References: <19990709163459.22243.qmail@suburbia.net> <199907091638.KAA20428@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jul 09, 1999 at 10:38:16AM -0600, Warner Losh wrote: > In message <19990709163459.22243.qmail@suburbia.net> proff@suburbia.net writes: > : Just because you can't think of an answer doesn't mean there isn't one :) > > So elighten me :-) 1. Set up a distributed secure timestamp service (this is non-trivial but doable - you need to base yourself on a trust model where you assume a random N-out-of-M timestamp server will not all fake timestamp signatures, and a lot of constraints on how the timestamp client is allowed to select servers to use). 2. Hash portions of your log regularly (e.g, every hour). 3. Get a timestamp signature on your hash, and store it. Of course, this depends on for what purpose you want your log to be trustworthy. Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990711183648.A597>