RE: WORM file system for logging

["Andrew J. Luca" <andrewluca () mediaone net>]

We looked into this at a former employer for storing both firewall and funds
transfer information from a UNIX based server.  Although we decided not to
implement it, we found that it was still possible to delete files from the
WORM drive since the drive relied upon the standard UFS based structures.

        However, the mitigating factor was that although it would be possible to
destroy log files, the data was still recoverable by reading the disk a
block at a time and writing it out to a file.  Not a fun solution but it
works.

Just a thought.

Drew

-----Original Message-----
From:   owner-firewall-wizards () nfr net [mailto:owner-firewall-wizards () nfr net]
On Behalf Of Andreas Siegert
Sent:   Monday, August 03, 1998 10:11 AM
To:     firewall-wizards () nfr net
Subject:        WORM file system for logging

Hi,
I am desperately looking for a WORM file system for logging purposes.
I want to be able to write to a WORM drive in sort of real time from syslog.
If that is not possible, I'd at leat would like to be able to copy the
syslog
file once a day to it and have a reasonable method of retrieving the
individual
files.

Everything I found so far was large library management systems that needed a
huge overhead for the directory structure, often an extra disk. Not really
desireable for a log host....

We can't write our own file system, due to lack of resources and time.

I'd be very happy about any hints

thx
afx

--
Andreas Siegert       afx () ibm de / afx () barolo munich de ibm com / AFX at
IPNET
PGP Key:http://www.muc.de/~afx/pubkey.asc, KeyId AB26FD05