Re: Remote Logging

Gene Spafford (spaf@cs.purdue.edu)
Sun, 08 Dec 1996 19:47:34 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Gene Spafford: "Re: Remote Logging"
Previous message: Markus H|bner: "Security & Hackerscene site"
In reply to: Mike: "Remote Logging"
Next in thread: Gene Spafford: "Re: Remote Logging"

[ Moderator Note: This message was previously truncated - due to a period `.'
incorrectly placed at the begginging of a line. Computer Risks B) ]

> I caught some of the conversation on audit trails and the likes, and wanted
> to know if anyone knows any FAQ's, web pages, or books..etc, that explain a
> bit on how one could have local log files, and also log the same info
> remotely, making it a great deal harder for an intruder to erase his prescense.
> 

Chapter 10 of "Practical Unix & Internet Security" (O'Reilly &
Associates, 1996) contains a fairly full description of the various
log files on most vesions of Unix, and about methods of replicating
logs to a printer or remotely.

The rest of the book also provides an in-depth treatment of about
9/10s of the material that seems to get discussed again and again in
these mailing lists.  A lot of things could be answered if people
would simply read their manuals or read the book.

Of course, I am a bit biased -- I did spend almost a year helping to
write the book. :-)

It makes a great Christmas stocking stuffer (if you have big
stockings).  See <http://www.ora.com/item/pus2.html> for more details.

--spaf

Next message: Gene Spafford: "Re: Remote Logging"
Previous message: Markus H|bner: "Security & Hackerscene site"
In reply to: Mike: "Remote Logging"
Next in thread: Gene Spafford: "Re: Remote Logging"