Do you Trust your System Logs?

    Date04 Dec 2001
    3260
    Posted ByAnthony Pell
    A commonly used technique among computer crackers, and experienced thieves as well, is to erase their fingerprints from the crime scene. This usually means erasing or modifying the logs stored on the computer that will expose them if carefully examined. Unprotected . . . A commonly used technique among computer crackers, and experienced thieves as well, is to erase their fingerprints from the crime scene. This usually means erasing or modifying the logs stored on the computer that will expose them if carefully examined. Unprotected logs will make system security checks an impossible task in most cases. When crackers gain complete access to the system, they gain the ability to read, modify or erase any logs. Let us define "Secure Logging" as the ability to record a given amount of information on a given storage media and be able to check the authenticity of that record later. This is part of the CIA triangle: confidentiality, integrity, and availability.

    This definition says nothing about the security of the storage media where the information is recorded, we must assume that anybody can read, modify or erase it.

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"7","type":"x","order":"1","pct":58.33,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":25,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"2","type":"x","order":"3","pct":16.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.