http://www.daemonnews.org/200112/log_protection.html
<quote> When an attacker gains absolute control of a system's resources, standard cryptographic techniques are usually compromised. They can always browse through the system memory to retrieve any symmetric or public key used for encryption, and with that information proceed to modify the stored logs. The protocols introduced within this article are oriented to determine if the information logged in a system before an intrusion has been altered. Given a system that appends records periodically to a database, and an attacker that gains access to the system in a given instant of time, an auditor can establish if the data logged before the intrusion has been modified. </quote> -- Florin Andrei "Engineering does not require science." - Linus Torvalds --- Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to unsubscribe from this list.
