or a more plusible idea is to log to paper. > > Why not just log everything to write once media such as a Worm drive... > > I also believe there is some help in using "security through obscurity", > whereby you place wrapper logs etc. in a logfile where a whole lot of > irrelevant logging goes too (for example, the ftp xferlog, or somesuch). > > ...I mean while we are on the issue of "more secure". Nothing is, of > course. > > Tor. > > > > > One problem here is that the knowledgable hacker also knows where to > > look and will clean up after/during the attack. Therefore wrappers > > and secondary logging to an alternate host is a more secure way (note > > I say more secure and not secure) of ensuring audit trails are valid. >