Date: Wed, 09 Dec 1998 20:06:51 -0500 From: "Gary Palmer" <gpalmer@FreeBSD.ORG> To: Jim Yuill <jjyuill@eos.ncsu.edu> Cc: FREEBSD-SECURITY@FreeBSD.ORG Subject: Re: append-only devices for logging Message-ID: <12616.913252011@gjp.erols.com> In-Reply-To: Your message of "Wed, 09 Dec 1998 18:53:23 EST." <3.0.5.32.19981209185323.0093dc90@pop-in.ncsu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Jim Yuill wrote in message ID <3.0.5.32.19981209185323.0093dc90@pop-in.ncsu.edu>: > I've been looking for an append-only device for logging, which a remote > hacker (with root access) can not erase or alter. Other than a > line-printer, are there any such devices that actually work with Unix? Sure, why does it have to be a line printer at the other end of the serial/parallel cable? It could be a PC that just logs the data it gets over a raw serial connection (i.e. one way, no return) ... if the only access to that machine is the console, does that meet your requirements? The other option is the `sappnd' flag and a higher run level, but you need to reboot to do log rotation. Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?12616.913252011>