由买买提看人间百态

boards

本页内容为未名空间相应帖子的节选和存档,一周内的贴子最多显示50字,超过一周显示500字 访问原贴
Unix版 - [转载] 一个问题
相关主题
[转载] 大家来讨论讨论Glib install problem with Sparc 2.5?
请教一个UNIX问题, 也许很低级, 谢谢remove history logs in CSH
普通用户的login attempt failed le...help: wtmpx
Tomcat 3.1 + apache 1.3.9一问急!unix 好像是down掉了
How unix keep track of the registry?[转载] help: a question about xwin32
Is that possible to run a matlab program in background?[转载] 问一个 shell script 和 rsh 的问题
help on directory accesssolaris 9 ufs has logging (journal)
How to kick a hidden user?question on user log in
相关话题的讨论汇总
话题: attacker话题: log话题: design话题: linux话题: gts
进入Unix版参与讨论
1 (共1页)
g*s
发帖数: 12
1
【 以下文字转载自 Linux 讨论区 】
【 原文由 GTS 所发表 】
Design such a logging facility for an open system
such as Linux.
Assume that the attacker's penetration will be logged,
but the attacker will then have root privilege.
How do we ensure that the attacker cannot
then modify the log without the admin detecting that?
多谢多谢
p**e
发帖数: 11
2
不知道这样回答对不对?
如果你设置成让root只从console登陆, 其他的登陆只有su权限, 是不是可以?

【在 g*s 的大作中提到】
: 【 以下文字转载自 Linux 讨论区 】
: 【 原文由 GTS 所发表 】
: Design such a logging facility for an open system
: such as Linux.
: Assume that the attacker's penetration will be logged,
: but the attacker will then have root privilege.
: How do we ensure that the attacker cannot
: then modify the log without the admin detecting that?
: 多谢多谢

p******f
发帖数: 162
3

no, hackers can get root shell without logon or su, they can overflow
server deamons from remote, or SUID progrom with local access.

【在 p**e 的大作中提到】
: 不知道这样回答对不对?
: 如果你设置成让root只从console登陆, 其他的登陆只有su权限, 是不是可以?

j***y
发帖数: 87
4
use a printer to print out the log in real time by configuring the
output file to the printer.
or use a serial cable to connect to a standalone machine, and dump the log
file to that machine through the serial cable synchronously.
or use a cd-writer which doesn't have the erase function as the log file.

【在 g*s 的大作中提到】
: 【 以下文字转载自 Linux 讨论区 】
: 【 原文由 GTS 所发表 】
: Design such a logging facility for an open system
: such as Linux.
: Assume that the attacker's penetration will be logged,
: but the attacker will then have root privilege.
: How do we ensure that the attacker cannot
: then modify the log without the admin detecting that?
: 多谢多谢

g*s
发帖数: 12
5
那一天要打印多少次啊
查起来不累死了
定时打印是不安全的 只有一有新数据就打印 而且只打印上回没有的部分
是不是呢?

【在 j***y 的大作中提到】
: use a printer to print out the log in real time by configuring the
: output file to the printer.
: or use a serial cable to connect to a standalone machine, and dump the log
: file to that machine through the serial cable synchronously.
: or use a cd-writer which doesn't have the erase function as the log file.

1 (共1页)
进入Unix版参与讨论
相关主题
question on user log inHow unix keep track of the registry?
how to count the times a function is calledIs that possible to run a matlab program in background?
Open Solaris 疑问help on directory access
a question in shell scriptHow to kick a hidden user?
[转载] 大家来讨论讨论Glib install problem with Sparc 2.5?
请教一个UNIX问题, 也许很低级, 谢谢remove history logs in CSH
普通用户的login attempt failed le...help: wtmpx
Tomcat 3.1 + apache 1.3.9一问急!unix 好像是down掉了
相关话题的讨论汇总
话题: attacker话题: log话题: design话题: linux话题: gts