Date: Thu, 10 Dec 1998 23:21:31 -0800 (PST) From: Christopher Nielsen <enkhyl@scient.com> To: Jim Yuill <jjyuill@eos.ncsu.edu> Cc: FREEBSD-SECURITY@FreeBSD.ORG Subject: Re: append-only devices for logging Message-ID: <Pine.BSF.4.05.9812102317180.26931-100000@ender.sf.scient.com> In-Reply-To: <3.0.5.32.19981209194955.009414b0@pop-in.ncsu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 9 Dec 1998, Jim Yuill wrote: > >Subject: Re: append-only devices for logging > > > >At 06:53 PM 12/9/98 -0500, you wrote: > >>I've been looking for an append-only device for logging, which a remote > >>hacker (with root access) can not erase or alter. Other than a > >>line-printer, are there any such devices that actually work with Unix? > > > >How about a serial line to a non-networked PC which just logs to a local > >disk? We're going to be setting up something like this with a multiport > >card to monitor a bunch of servers. > > > > > > Will you use uucp to handle the serial comm? Something akin to this was discussed on the cryptography mailing list recently. The result was a suggestion of using xmodem over a serial line. The response is below. >I contend that an xmodem transfer of the file is as secure as a floppy >disk transfer. The truly paranoid would insert a PIC chip which >enforces that only the xmodem protocol could transit the wire, and >then in only one direction. -- Christopher Nielsen Scient: The eBusiness Systems Innovator <http://www.scient.com>; cnielsen@scient.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9812102317180.26931-100000>