/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
Craig Williams wrote:
> 1. Is there an alternate log file that can be used for ipchains when logging
> denied events ?
>
> 2. Can this log file be emailed automatically, to try stop someone from
> deleting it should the system get compromised ?
reconfigure syslogd to do whatever you want with the kernel messages.
syslogd can mail messages directly or they can be sent to a secure
loghost (or both). it's probably best to send them to a secure loghost
and then mail selected messages from there to the administrator.
logging to a printer is usually considered to be a good move (more
readily accepted as proof in courts of law).
raf
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
