I've gone to using syslog-ng to keeping logs separated out, and to preserve logs for a long time for record purposes. Now it occurs to me that someone could say, "Gee, how do we know that these logs haven't been altered?" What about a digital signature for each log? How would you go about this? I was thinking of using gpg (GNU Privacy Guard) but haven't gotten far enough to know how - and my reference book is the PGP book from O'Reilly and Associates. ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Jul 19 2001 - 16:42:28 PDT