Is this list dead
Casey Schaufler
casey at sgi.com
Thu Sep 16 18:52:23 GMT 1999
Robert Watson wrote:
> This is great news--I look forward to seeing this work! From the point of
> view of cross-pollination, what license do you plan to release under?
Unless we start getting bigger lawyers I expect to be GPL, LGPL, or
some minor variant thereof. There's no community value to doing any
sort of binary-only wongle. Furthermore, our customer feedback has
been completely in favor of open source. People who really know
security know that security through obscurity isn't.
> >From the point of view of interoperability, I'd love to hear about your
> experiences as you implement this.
Hey, me too!
> Do you have any references to papers on pushing audit data into relational
> databases for IDS?
Sorry.
> The relational model sounds more like an
> auditd pushing records (or some cooked result of the records) into a
> relational database and letting database clients perform queries/repond to
> triggers to generate events in an IDS.
Yes, although my point was that if the kernel generates records
designed for RDBMS inclusion there may be oppertunity for optimization.
--
Casey Schaufler voice: (650) 933-1634
casey at sgi.com fax: (650) 933-0170
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message
More information about the posix1e
mailing list