Re: "Dropsafe" logs

["Steven M. Bellovin" <smb () research att com>]

In message <199904081905.PAA21893 () rehost com>, Bret McDanel writes:
> ---Reply on mail from Steven M. Bellovin about "Dropsafe" logs 
>
> > In message <199904081003.KAA12670 () idc057 IDC CTBTO ORG>, Scott Crawford wri
> tes:

> > > We are seeking a means to implement real-time write-once "dropsafe" logs o
> f o
> > > ur 
> > > firewall bastion in case of a system failure or a hacker trying to cover t
> hei
> > > r 
> > > tracks.  Unfortunately, unless there's an alternative I'm not aware of, a 
> CD-
> > > R 
> > > requires a complete disk image in ISO 9660 format to be burned into the 
> > > writeable disk all at once, which means we either have to wait until we ha
> ve 
> > > nearly 640 MB of logfiles to write or waste an awful lot of writeable disk
>  
> > > space.
> >
> > You may need to redefine "waste".  30 seconds looking at the Web
> > shows a 3.2G IDE drive for ~$100, and 9G UltraSCSI for $400.
> Thought he said 'waste' in reference to CD roms..  Using a CD-R to record
> logs - as he indicated - requires that you build a filesystem image then
> burn that image.  
>
> He also said that he wants 'write-once "dropsafe" logs' which implies that
> you cant use a HD in that example as they are rewritable (unless there is
> a mechanical switch on them that conects a jumper and lets you toggle
> read/write however that isnt as automated as some desire).

There's certainly some ambiguity in the original request, and your reading
may be closer to the intent than mine was.  I'll defend myself by noting
that the rest of my response suggested a $500 Linux box.  The medium
itself isn't write-once, but the service is.