On Tue, Apr 29, 2003 at 10:54:51PM +1000, Sam Couter wrote:
> Stefan Neufeind <[EMAIL PROTECTED]> wrote:
> > what is the best way to remotely syslog? In
>
> Use a dedicated machine. Cut the 'transmit' pair in the CAT5 cable.
> syslog is UDP, which is only one-way, so it doesn't need to transmit.
>
> Obviously you'll have no remote access to the syslog server, but neither
> will an attacker.
That solution seems rather harsh. Another way (without syslog, granted)
would be setting up a dedicated machine to do stealth logging. Somewhat
less intense on the hardware penetration part ;)
Regs,
Sven
--
Sven Riedel [EMAIL PROTECTED]
Osteroeder Str. 6 / App. 13 [EMAIL PROTECTED]
38678 Clausthal "Python is merely Perl for those who
prefer Pascal to C" (anon)
