Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
This website is powered by Openwall GNU/*/Linux security-enhanced OS
[<prev] [next>] [<thread-prev] [month] [year] [list] 
Date: Wed, 27 Nov 2002 12:11:37 +0300
From: Solar Designer <solar@...nwall.com>
To: owl-users@...ts.openwall.com
Subject: Re: Syslog replacement?

On Wed, Nov 27, 2002 at 07:02:59PM +1100, Emmanuel Galanos wrote:

Hi,

>         Anyone have any ideas for a good syslog replacement for Owl?

I suggest that you don't replace whatever we have currently unless you
modify the replacement in a similar way (to run with reduced privileges).

The plan is still to use Darren Reed's nsyslogd, but that needs more
work.

> I have done a brief search and:
> 
>         http://www.corest.com/products/corewisdom/CW01.php
> 
> looks promising.

Last time I checked, it didn't offer secure realtime remote logging.
All it did was to sign locally stored log records such that if they're
tampered with that would be noticed.  But there was nothing to stop
the intruder from wiping logs, so all you would notice is that there
has been an intrusion and the logs have been wiped.

-- 
/sd

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux