I also believe there is some help in using "security through obscurity", whereby you place wrapper logs etc. in a logfile where a whole lot of irrelevant logging goes too (for example, the ftp xferlog, or somesuch). ...I mean while we are on the issue of "more secure". Nothing is, of course. Tor. > > One problem here is that the knowledgable hacker also knows where to > look and will clean up after/during the attack. Therefore wrappers > and secondary logging to an alternate host is a more secure way (note > I say more secure and not secure) of ensuring audit trails are valid.