On Thu, 6 Dec 2001 11:39:32 +1300 Steve Wray <steve.wrayat_private> wrote: > Ok so the logs are written to CDROM *and* PGP signed I guess this discussion is all terribly interesting. at one time, i'd been considering a business plan for a data integrity business, and one of the concepts was to run offsite backup for customer data in a facility with no common staff or management, using hashes (MD5 or SHA1) of the data for ongoing comparison of data between the main site and the backup site, to detect tampering after the fact. logs would have been a major part of this backup facility. one further note: most of your better SQL databases have some built in defense against tampering as part of their own internal data integrity process; if you choose to log into an Oracle or DB2 backend (possibly even PostgreSQL, i'll have to check) you have already implicitly put in some pretty good defenses against the sneaky & malicious intruder. cheers, richard -- Richard Welty Averill Park Networking rweltyat_private Unix, Linux, IP Network Engineering, Security rwelty@krusty-motorsports.com 518-573-7592 --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Fri Dec 07 2001 - 08:32:36 PST