[syslog-ng] Re: hashing

canacar@ea.eee.metu.edu.tr canacar@ea.eee.metu.edu.tr
Thu, 10 Jun 1999 11:21:07 GMT +0200

> Or yet another, I like this one best. syslog-ng generates a random value
> which it will use to generate hash #0, then a copy of this random value is
> sent to the sysadmin in an email message. Later when somebody wants to check
> logfile integrity, a copy of this key is needed. This could also be a
> security risk if that message remains on the same box.

This security risk can be reduced if the message is encrypted using 
the administrators (pgp) public key. Only the admin with the correct 
passphrase (and private key) will be able to obtain the random key.


--=< Can Erkin Acar (canacar@bigfoot.com, canacar@eee.metu.edu.tr) >=--