In completarea sculelor din gospodarie cu intzelepciune alese de Florin ;) tripwire
http://www.tripwire.com/products/routers/ http://www.tripwire.com/products/servers/ =============== Tripwire for Routers and Switches is a premier data and networking integrity solution that monitors Cisco� routers and Catalyst switches running Cisco IOS� software versions 11.3, 12.0, and 12.1.(Use automatic restoration to deny file changes made without proper approvals) =============== Tripwire for Servers software monitors file changes, verifies integrity, and notifies you of any violations of data at rest on network servers. Tripwire for Servers monitors all file changes-regardless of whether they originated inside or outside of your organization. Tripwire for Servers also identifies changes to system attributes including file size, access flags, write time, and more. Tripwire for Servers enables you to establish network policies that detect intentional tampering, user error, software failure, and introductions of malicious software, as well as "open doors" for robust protection of critical systems. Tripwire for Servers software communicates with the Tripwire Manager management console via Secure Sockets Layer (SSL) protocol. =============== PS: unii spun ca se mai poate printa selectiv din loguri oarecum in timp real, ca sa se termine cu tot tampering-u. Alta idee: syslog server separat, gen Pix. S'auzim de bine. Radu. Florin Andrei wrote: > http://www.daemonnews.org/200112/log_protection.html > > <quote> > When an attacker gains absolute control of a system's resources, > standard cryptographic techniques are usually compromised. They can > always browse through the system memory to retrieve any symmetric or > public key used for encryption, and with that information proceed to > modify the stored logs. [..] > </quote> > > -- > Florin Andrei > > "Engineering does not require science." - Linus Torvalds -- Radu Stoian --- Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to unsubscribe from this list.
