Re: Signs of an Intruder

John-David Childs (jdc@ism.net)
Sat, 23 Nov 1996 19:35:48 -0700 (MST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: *Hobbit*: "Re: Netcat probing, logs and detection"
Previous message: Roman Jerman: "DL fils on WWW pages from FTP"
In reply to: Tor Houghton: "Re: Signs of an Intruder"

On Thu, 21 Nov 1996, Tor Houghton wrote:

> 
> I also believe there is some help in using "security through obscurity",
> whereby you place wrapper logs etc. in a logfile where a whole lot of
> irrelevant logging goes too (for example, the ftp xferlog, or somesuch).
> 
And another thing which we all know but bears repeating since one of
my systems was trashed last night beyond all recognition and I didn't
heed this advice:

        send logging information to a separate (secure) machine

I know who it was, but I have no way to prove it without logfiles.
--

jdc

Next message: *Hobbit*: "Re: Netcat probing, logs and detection"
Previous message: Roman Jerman: "DL fils on WWW pages from FTP"
In reply to: Tor Houghton: "Re: Signs of an Intruder"