A key to security seems to be to get the access logs (e.g., /var/log) off the server so that a root compromise cannot cover tracks by deleting them. No one does this by default, but it ought to be made more easy.
Ideally, get it onto write-once media, or a separate server which requires physical access to compromise.
Can CD-R CDROMs be used to append data which might only come in a few bytes at a time? We would like to avoid the megabytes of overhead of multisession.
No comments :
Post a Comment