Firewall Wizards mailing list archives

Re: "Dropsafe" logs


From: Bret McDanel <bret () rehost com>
Date: Thu, 8 Apr 1999 15:05:21 -0400

---Reply on mail from Steven M. Bellovin about "Dropsafe" logs 

In message <199904081003.KAA12670 () idc057 IDC CTBTO ORG>, Scott Crawford writes:
Greetings --

We are seeking a means to implement real-time write-once "dropsafe" logs of our
firewall bastion in case of a system failure or a hacker trying to cover their
tracks.  Unfortunately, unless there's an alternative I'm not aware of, a CD-R
requires a complete disk image in ISO 9660 format to be burned into the
writeable disk all at once, which means we either have to wait until we have
nearly 640 MB of logfiles to write or waste an awful lot of writeable disk
space.

You may need to redefine "waste".  30 seconds looking at the Web
shows a 3.2G IDE drive for ~$100, and 9G UltraSCSI for $400.

Thought he said 'waste' in reference to CD-ROMs.  Using a CD-R to record
logs - as he indicated - requires that you build a filesystem image then
burn that image.

He also said that he wants 'write-once "dropsafe" logs', which implies that
you can't use a HD in that example as they are rewritable (unless there is
a mechanical switch on them that connects a jumper and lets you toggle
read/write; however, that isn't as automated as some desire).


-- 
Bret McDanel                                    http://www.rehost.com
Realistic Technologies, Inc.                             973-514-1144

     These opinions are mine, and may not be the same as my employer



