Ok so the logs are written to CDROM *and* PGP signed I guess > From: Bennet S. Yee [mailto:bsyat_private] > > if an insider is trying to tamper with the log entries (long) after > the fact, then even writing to a CDR may not be good enough (assuming > it is fast enough). the threat is that maybe the insider can open the > cabinet with the archived log CDRs and substitute his/her own copy. > thus we have devolved into procedural security: making sure only > trusted people have keys to the cabinet containing the CDR log > archive, etc, and that the physical security of the cabinet/safe is > uncompromised. > > if you had an external data archiving facility such as a bank vault w/ > a deposit-only drop box for those CDRs, maybe that'd provide similar > security properties. > > (nothing wrong with good procedural security, btw.) > > -bsy > -------- > Bennet S. Yee Phone: +1 858 534 4614 Email: > bsyat_private > (i often don't capitalize due to tendonitis) > Web: http://www-cse.ucsd.edu/~bsy/ > USPS: Dept of Comp Sci and Eng, 0114, UC San Diego, La Jolla, CA > 92093-0114 > > --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Wed Dec 05 2001 - 15:13:00 PST