[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]

Both Tx and Rx can be logged. They would each require a separate logging
port (i.e. dual serial port line printer)
> 
> Plus its more economical than having a printer for each server.

Absolutely. There was a brief mention of an incident where the needed
data in "cuckoos egg" was lost because the printer ran out of paper.
> 
> 

One thing that just ran through my mind was the potential for system
abuse with remote logging. If an attacker knows about the layout of the
logging network, it would be possible to flood the logging machine with
bogus "issues" from hosts not under the main attack. This would obscure
the real log entry of nefarious events. It could also cause data loss on
the logger if the load were high enough for the buffers to get flushed
by excessively long log entries (^P^Q, etc) coming in from multiple
machines.
> _______________________________________________
> Ale mailing list
> Ale at ale.org
&gt; <a  rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
-- 
James P. Kinney III          \Changing the mobile computing world/
CEO &amp; Director of Engineering \          one Linux user         /
Local Net Solutions,LLC        \           at a time.          /
770-493-8244                    \.___________________________./
<a  rel="nofollow" href="http://www.localnetsolutions.com";>http://www.localnetsolutions.com</a>

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
&lt;jkinney at localnetsolutions.com&gt;
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part



</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<ul><li><strong>Follow-Ups</strong>:
<ul>
<li><strong><a name="00428" href="msg00428.html">[ale] Auditing root shells</a></strong>
<ul><li><em>From:</em> cfowler at outpostsentinel.com (Christopher Fowler)</li></ul></li>
</ul></li></ul>
<!--X-Follow-Ups-End-->
<!--X-References-->
<ul><li><strong>References</strong>:
<ul>
<li><strong><a name="00407" href="msg00407.html">[ale] Auditing root shells</a></strong>
<ul><li><em>From:</em> jb at sourceillustrated.com (John Wells)</li></ul></li>
<li><strong><a name="00417" href="msg00417.html">[ale] Auditing root shells</a></strong>
<ul><li><em>From:</em> cfowler at outpostsentinel.com (Christopher Fowler)</li></ul></li>
<li><strong><a name="00419" href="msg00419.html">[ale] Auditing root shells</a></strong>
<ul><li><em>From:</em> jkinney at localnetsolutions.com (James P. Kinney III)</li></ul></li>
<li><strong><a name="00423" href="msg00423.html">[ale] Auditing root shells</a></strong>
<ul><li><em>From:</em> cfowler at outpostsentinel.com (Christopher Fowler)</li></ul></li>
</ul></li></ul>
<!--X-References-End-->
<!--X-BotPNI-->
<ul>
<li>Prev by Date:
<strong><a href="msg00424.html">[ale] Linux on new laptops</a></strong>
</li>
<li>Next by Date:
<strong><a href="msg00426.html">[ale] Linux on new laptops</a></strong>
</li>
<li>Previous by thread:
<strong><a href="msg00423.html">[ale] Auditing root shells</a></strong>
</li>
<li>Next by thread:
<strong><a href="msg00428.html">[ale] Auditing root shells</a></strong>
</li>
<li>Index(es):
<ul>
<li><a href="maillist.html#00425"><strong>Date</strong></a></li>
<li><a href="threads.html#00425"><strong>Thread</strong></a></li>
</ul>
</li>
</ul>

<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
</body>
</html>