[syslog-ng] spam

Balazs Scheidler bazsi@balabit.hu
Mon, 19 Apr 1999 14:46:25 +0200


> ello,
> 
> what do you think about a new option in syslog-ng? I though "remote
> logging" could be very usefull. If someone hacks one system
> the first thing he will do is to clean the logs. Its very easy to clean
> the logs because they are in plain ascii format.

This option is supported even in standard syslogds, and of course this is a
planned feature of syslog-ng. Though sending is not ready yet, receiving
from network socket is (at least seem to be) working.

> 
> If you could improve syslog-ng so that it can log remotly, intruders
> cannot clean the logs and its very easy to exemine the logs and trace
> him.

I plan not only to use remote logging, but also storing digital fingerprints
of messages, so _any_ modification can be detected.

Maybe I'll even add encrypted log files.

>  got these mail back, cuz of spam. Please configure your mailing-list better

Your host seems to be in one of the anti-spam databases, which is installed
on vekoll, where this list is running. I can tell you which sites we mirror
those lists, so that you can notify your sysadmin.

-- 
Bazsi
PGP key: http://www.balabit.hu/pgpkey.txt, or finger bazsi@balabit.hu