Anti-Rootkit app
Jan Münther
jan.muenther at nruns.com
Mon Jan 14 16:18:03 PST 2008
Tim Clewlow schrieb:
>
> One solution would be to have /var/log/auth.log being tailed out via a serial
> port to another computer that is not accessable via a network - or have it sent
> to a printer for a permanent hard-copy. It all depends on how much you really
> want to do in regard to security.
>
A good practice is running a log host which has a cable that has only RX
wires connected.
Cheers,
Jan
--
Jan Muenther, CTO Security, n.runs AG
More information about the freebsd-security
mailing list