Re[2]: [logs] log review policies

From: Richard Welty (rweltyat_private)
Date: Tue Oct 16 2001 - 17:50:12 PDT

Next message: Jason Haar: "Re: [logs] log review policies"

Previous message: Russell Fulton: "Re: [logs] Best Practices for Application Logging"
In reply to: Ralf Hildebrandt: "Re: [logs] log review policies"
Next in thread: Marcus J. Ranum: "Re: [logs] log review policies"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 16 Oct 2001 09:32:23 +0200 Ralf Hildebrandt <Ralf.Hildebrandtat_private> wrote:

> On Mon, Oct 15, 2001 at 06:12:04AM -0400, peff-loganalat_private wrote:

> > But if all of the admin workstations are cookie-cuttered, then breaking
> > into the SMTP server on one means you can break into all of them.
> 
> Well, you don't have to use sendmail. There are still Postfix and qmail.

and exim, which doesn't have the extensive theoretical security model of
qmail and postfix, but which has an rather good record of no known exploits in
any version for the past several years.

cheers,
   richard (a happy exim user since 1996)



---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribeat_private
For additional commands, e-mail: loganalysis-helpat_private

Next message: Jason Haar: "Re: [logs] log review policies"
Previous message: Russell Fulton: "Re: [logs] Best Practices for Application Logging"
In reply to: Ralf Hildebrandt: "Re: [logs] log review policies"
Next in thread: Marcus J. Ranum: "Re: [logs] log review policies"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Oct 16 2001 - 19:22:48 PDT