Firewall Wizards mailing list archives
Re: WORM file system for logging
From: Vinci Chou <vkmchou () hk super net>
Date: Mon, 10 Aug 1998 18:13:06 +0800 (HKT)
Andreas Siegert wrote:
This still allows tampering by the sysadmin. The original idea behind the WORM drive was to make it even temper proof against the admins.
We are using a small simple program running as a demon to look at those logs we want to keep and write the logs record by record to an optical drive on write-once media. When we need to retrieve the log, another program read everything from the media and separate them into the original log files. Any comments on this approach ? However, I don't think anything could be tamper proof against the admins, if the admins have physical access to the drive or media or the system itself (and by definition an admin must have access to the system). Vinci
Current thread:
- Re: WORM file system for logging, (continued)
- Re: WORM file system for logging Joseph S. D. Yao (Aug 06)
- Re: WORM file system for logging Bobo Rajec (Aug 07)
- Re: WORM file system for logging Doug Hughes (Aug 07)
- Re: WORM file system for logging David Collier-Brown (Aug 05)
- RE: WORM file system for logging Resino, Robert G. (Aug 03)
- Re: WORM file system for logging Andreas Siegert (Aug 04)
- Re: WORM file system for logging Paul McNabb (Aug 06)
- RE: WORM file system for logging Andrew J. Luca (Aug 07)
- Re: WORM file system for logging Andreas Siegert (Aug 07)
- Re[2]: WORM file system for logging Andrea . Zuccollo (Aug 07)
- Re: WORM file system for logging Vinci Chou (Aug 10)