Date: Fri, 31 Jul 1998 15:18:43 -0400 From: jadamson@can.eds.com (Adamson, Jason) To: "'thivars@est.is'" <thivars@est.is>, "security@FreeBSD.ORG" <security@FreeBSD.ORG> Subject: RE: Where are your logs? Methods of logging? Message-ID: <01BDBC96.858D7B00@VOY-LAPTOP>
next in thread | raw e-mail | index | archive | help
What about a one way serial connection from your gateway ( or whatever ) to your logging machine. This way no one could mess with the connection. Just a thought. Jason Adamson EDS Canada Network Security Administration jadamson@can.eds.com -----Original Message----- From: Þórður Ívarsson [SMTP:totii@est.is] Sent: Friday, July 31, 1998 8:14 AM To: security@FreeBSD.ORG Subject: Where are your logs? Methods of logging? I notice here on the list that many of us get break in and there are no logs available afterwards. After break in to one of our system I installed system on old but reliable computer and with plenty of diskspace for logs. All services not needed are disabled and firewall that denys everything but incoming logging packets. Now I log everything from every system to that computer, backup the logs every day, and trace them. Is this something that might help us to trace the problems or is this just extra trouble? Þórður Ívarsson thivars@est.is To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01BDBC96.858D7B00>