Honeypots mailing list archives
Re: Question about logging
From: Valdis.Kletnieks () vt edu
Date: Thu, 05 Dec 2002 22:17:29 -0500
On Thu, 05 Dec 2002 19:59:12 EST, "TJ O'Grady" <tjogrady () flyingwithouta net> said:
I am just getting my feet wet on some of the concepts in honeypots and intrusion detection. I was wondering if someone can point me in the direction of additional information on setting up logging. I am not understanding how a logging server can be available to copy logs to (via syslogd or some third party Windows tool) and yet not be vulnerable once the honeypot is compromised.
It's like protecting yourself against mobsters by sending a copy of the incriminating evidence to somebody with instructions to go to the police if they don't hear from you. That make it clearer? -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
Attachment:
_bin
Description:
Current thread:
- Question about logging TJ O'Grady (Dec 05)
- Re: Question about logging Valdis . Kletnieks (Dec 05)
- Re: Question about logging Curq (Dec 06)
- Re: Question about logging Floydman (Dec 06)
- <Possible follow-ups>
- Re: Question about logging Ryan Barnett (Dec 06)
- Re: Question about logging Valdis . Kletnieks (Dec 05)