[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IDS: how do you configure your firewall ( router ) to log to a different machine ?
FAQ: See http://www.ticm.com/kb/faq/idsfaq.html
IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems.. Then email questions to ids-owner@uow.edu.au
NOTE: You MUST remove this line from reply messages as it will be filtered.
SPAM: DO NOT send unsolicted mail to this list.
USUB: email "unsubscribe ids" to majordomo@uow.edu.au
---------------------------------------------------------------------------
Hi this Gerardo again:
At the time of this email O am recovering from Yet ANOTHER
INTRUSION. Would anyone of you help me out in reconfiguring my firewall.
Because obviously is not working as it shoud.
T would appreciate any help.
REGARDS!!!!!On
> ~
> ~ Exactly.
> ~ A better option is logging to a line printer.
> ~ If you have a few trees to spare that is :)
> ~
>
> I don't remember where I heard this being suggested: but one solution is to
> connect another `logging' box via serial cable to your system (which
> shouldn't be connected elsewehere), and throw all logs there via one-way
> serial line. Thus the attacker would be able to clean up logs, if he gets
> physical access to your logging machine. Should be cheaper than generating
> hardcopy of all logs, right?:)
>
*******************************************************************************
Ing. Gerardo Soto Casados
Compu-Redes
Labastida # 37 Esq. Tijuana
San Martin Texmelucan Puebla
Tel. y Fax (91248) 45-888
e-mail: gsoto@compu-redes.net.mx
http://www.compu-redes.net.mx
*******************************************************************************