Date: Sun, 19 Sep 1999 19:15:21 -0600 From: cstone@pobox.com To: Brett Glass <brett@lariat.org> Cc: freebsd-security@freebsd.org Subject: Re: Real-time alarms Message-ID: <19990919191521.A2048@pobox.com> In-Reply-To: <4.2.0.58.19990919175752.04577a20@localhost>; from Brett Glass on Sun, Sep 19, 1999 at 06:11:52PM -0600 References: <4.2.0.58.19990918201409.047f9f00@localhost> <199909180612.AAA00597@harmony.village.org> <4.2.0.58.19990918093306.047917c0@localhost> <37E4449B.ADDD68EE@softweyr.com> <4.2.0.58.19990918201409.047f9f00@localhost> <199909191933.NAA25843@mt.sri.com> <4.2.0.58.19990919175752.04577a20@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Sep 19, 1999 at 06:11:52PM -0600, Brett Glass wrote: > At 01:33 PM 9/19/99 -0600, Nate Williams wrote: > > >Email is trivial to forge > > With strong encryption? Possibly so, if you're dealing with a compromise of the agent which is sending the mail. > >and/or snarf, > > Depends how it's done. > > >and is not > >secure by any stretch of the imagination. > > More strides have been made toward good security for e-mail than for > any other type of computer facility. Why? because e-mail is the thing > that people, overall, MOST want to be secure. > That's the reason why I suggest it. It's not always the ideal method > for secure notification, but the ways of authenticating and securing it > are better developed than for other methods. So, it may be the best bet, > at least to start. I agree that report generation by mail would be a useful facility, but I think that there should be a standard entity dedicated to receiving alert/activity data and (if necessary) acting on that data. There are several other notification mechanisms which could be useful as well, but they are all relatively easily implemented. It is important that notification be as flexible as possible. The real issues, at this point, are the choices behind the code which is gathering activity data and the criteria which define an alert. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990919191521.A2048>