Date: Wed, 09 Dec 1998 18:53:23 -0500 From: Jim Yuill <jjyuill@eos.ncsu.edu> To: FREEBSD-SECURITY@FreeBSD.ORG Subject: append-only devices for logging Message-ID: <3.0.5.32.19981209185323.0093dc90@pop-in.ncsu.edu>
next in thread | raw e-mail | index | archive | help
I've been looking for an append-only device for logging, which a remote hacker (with root access) can not erase or alter. Other than a line-printer, are there any such devices that actually work with Unix? >From what I understand, a write-once CD has restricted writing capability that would make it unsuitable for logging. According to CERT, these things exist: >Log selected data to a write-once/read-many device (e.g., a >CD-ROM or a specially configured tape drive) to eliminate the >possibility of the data being modified once it is written, or >to a write-only device (e.g., a printer). > >http://www.cert.org/security-improvement/practices/p041.html but I've spent the afternoon looking, and havent' found anything. Thanks in advance for any pointers, Jim ############################################################# Jim Yuill, graduate student Computer Science Department, North Carolina State University 919-513-1894 (w), 919-546-0537 (h) home page: http://www.pobox.com/~jimyuill To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.19981209185323.0093dc90>