Gene Spafford wrote: > > [ Moderator Note: This message was previously truncated - due to a period `.' > incorrectly placed at the begginging of a line. Computer Risks B) ] > > > I caught some of the conversation on audit trails and the likes, and wanted > > to know if anyone knows any FAQ's, web pages, or books..etc, that explain a > > bit on how one could have local log files, and also log the same info > > remotely, making it a great deal harder for an intruder to erase his prescense. > > I used a book by W. Cheswick and S Bellovin, 'Firewalls and Internet Security: Repelling the Wily Hacker' in some research I did. It is quite informative and the authors, (from AT&T), clearly have a sound working knowledge of Unix/Internet/Security etc. This book also provided me with many links to other information/sites. One of the authors, Bill Cheswick, has a web page where you could contact him for more info: http://www.lucent.com/Family/Docs/bill2.html Anton Bouwer