[syslog-ng] Encrypted messages

todd glassey todd.glassey@worldnet.att.net
Tue, 9 Oct 2001 07:49:59 -0700


Nate, you may not get it yet, but globally it is the Systems Admins and
DBA's that are going to first feel the pain of HIPAA/GLB and other global
privacy acts like the EU's.

The fact that there are not these services mean that the only testimony that
is valid (or possibly valid) is that of the systems admin's operating the
platforms and I assure you that the first time some police officer shows up
with a DoJ warrant against the operations of a such-impacted system that
everything will change.

As to the OS manufacturers, they will not change until someone at a
standards group gets a mandate to put in place a secured logging
infrastructure, or until the UNIX Spec is updated, They are like banks and
unless you can show them the money they are not interested.

As to tools for replacing Syslog, what is Syslog-NG supposed to be?

Todd

----- Original Message -----
From: "Nate Campi" <nate@campin.net>
To: <syslog-ng@lists.balabit.hu>
Sent: Monday, October 08, 2001 6:10 PM
Subject: Re: [syslog-ng] Encrypted messages


> On Mon, Oct 08, 2001 at 05:27:57PM -0700, todd glassey wrote:
> > The real issue is in building a timestamping regimen and PKI based
crypto
> > service so that the log can be claimed to be "non-repudiated" and can
later
> > for forensic reasons be taken apart.
>
> Then you need to look at products which have already begun to address
> these issues:
>
> http://kubarb.phsx.ukans.edu/~tbird/log-analysis.html#replacements
> --
> Nate Campi <nate@campin.net>
> GnuPG key: 0xC17AEF79 http://www.campin.net
>
> ... A solemn, unsmiling, sanctimonious old iceberg who looked like he
> was waiting for a vacancy in the Trinity.
> -- Mark Twain
>
>
> _______________________________________________
> syslog-ng maillist  -  syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng