Linux Today: Linux News On Internet Time.

More on LinuxToday

LinuxSecurity.com: Remote Syslogging - A Primer

Nov 04, 2002, 09:00 (0 Talkback[s])
(Other stories by Armando Ortiz)

[ Thanks to LinuxSecurity Contributors for this link. ]

"The syslog daemon is a very versatile tool that should never be overlooked under any circumstances. The facility itself provides a wealth of information regarding the local system that it monitors.

"However, what happens when the system it's monitoring gets compromised?

"When a system becomes compromised, and the intruder obtains elevated root privileges, he now has the ability, as well as the will, to trash any and all eviden ce leading up to the intrusion, on top of erasing anything else thereafter, including other key system files.

"That's where remote system logging comes in, and it's real super-easy to set up..."

Complete Story

Related Stories: