RE: Signs of an Intruder

Swee-Chuan Khoo (sckhoo@tm.net.my)
Thu, 28 Nov 1996 08:21:58 +0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Troy: "Re: DL fils on WWW pages from FTP"
Previous message: Mark_W_Loveless@smtp.bnr.com: "Re[2]: Audit trails"

At 06:27 PM 11/25/96 EST, you wrote:
>to detect what has changed and protect your logs by sending them off to
>a secured environment.

yeah, that seems like a good idea, i got an intruder who use a valid account
to telnet in and mess around and also modify the log file.

Couple of mail ago, someone mentioned about making the loghost very secure,
something about UDP and turn off xmit line, can you elaborate? 


thanx.

+-----------------------------------------------------------------------+
| Khoo Swee Chuan - TMnet system administrator                          |
| http://www.asiapac.net/~sckhoo/       sckhoo@asiapac.net              |
| tel:603-7337757  fax:603-7345577    #include <std.disclaimer>         |
| ******  To join MYISOC mailing list, try majordomo@tm.net.my ******** |
+-----------------------------------------------------------------------+
Contrary to popular belief, Unix is user friendly.  It just happens
to be very selective about who it decides to make friends with.

Next message: Troy: "Re: DL fils on WWW pages from FTP"
Previous message: Mark_W_Loveless@smtp.bnr.com: "Re[2]: Audit trails"