[syslog-ng] spam
Balazs Scheidler
bazsi@balabit.hu
Mon, 19 Apr 1999 14:46:25 +0200
> ello,
>
> what do you think about a new option in syslog-ng? I though "remote
> logging" could be very usefull. If someone hacks one system
> the first thing he will do is to clean the logs. Its very easy to clean
> the logs because they are in plain ascii format.
This option is supported even in standard syslogds, and of course this is a
planned feature of syslog-ng. Though sending is not ready yet, receiving
from network socket is (at least seem to be) working.
>
> If you could improve syslog-ng so that it can log remotly, intruders
> cannot clean the logs and its very easy to exemine the logs and trace
> him.
I plan not only to use remote logging, but also storing digital fingerprints
of messages, so _any_ modification can be detected.
Maybe I'll even add encrypted log files.
> Ì got these mail back, cuz of spam. Please configure your mailing-list better
Your host seems to be in one of the anti-spam databases, which is installed
on vekoll, where this list is running. I can tell you which sites we mirror
those lists, so that you can notify your sysadmin.
--
Bazsi
PGP key: http://www.balabit.hu/pgpkey.txt, or finger bazsi@balabit.hu