lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
From: lcamtuf at coredump.cx (Michal Zalewski) Subject: [inbox] Re: Reacting to a server compromise On Mon, 4 Aug 2003, Curt Purdy wrote: > Actually the traditionally accepted court evidence is real-time printouts of > data received by the syslog server. So what would stop anyone from replacing some of the printouts after the fact? It's pretty much as insecure as log files in terms of being susceptible to tampering with by the alleged victim (although less susceptible to remote manipulation by the attacker after the fact, true). -- ------------------------- bash$ :(){ :|:&};: -- Michal Zalewski * [http://lcamtuf.coredump.cx] Did you know that clones never use mirrors? --------------------------- 2003-08-05 09:43 --
Powered by blists - more mailing lists