Kid Pogi wrote: > Yup, I'm sure. You didn't mention a specific OS but the original poster did. Red >Hat Linux 7.0. Suggestions which would be unimplementable on that OS would be pretty >much useless to him, right? take note as i said to my previous post, *its depends how you protect your logs files even if your box is being compromise*. tell me how do you erase your log files if the logs written to a WORM device like CD-R or PRINTER? > No, I haven't tried *BSD. I've been looking for installation CDs for it, but so far >no luck. Do you have any suggestions? if you know how to download linux iso images then you know where to download *bsd images. > Not sure for a BSD system but on a Linux system, if root can set the immutable or >append only flags, he can, _necessarily_, _unset_ it. thats true but the question is how do you protect to redo everything? its just a matter of another creativity to do this.. well this is another topic to discuss and mind you we have already solutions and implemented for this. > > take note that even the ip firewall cannot be modify aside from file if > > your securelevel is 3. take note also the word IMMUTABLE and APPEND ONLY. > > Your point being? the point here is that the ROOT *cannot* modify your files and even your firewall rules. > Protecting the log files and protecting the _printout_ or _copy_ of the log files >are totally different matters to my understanding. If you were referring to both as >being the same, then this discussion is probably pointless. even a device in unix considered as a FILE... fooler. _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
