14 Mar
2010
14 Mar
'10
9:14 a.m.
Hi Andy et al,
I suppose it depends how often you find logs removed when a system is
compromised? Otherwise I suspect it's going to be more trouble than it
is worth (considering the number of VPSes you have and the number of
logs they would generate!)
James
On 14 March 2010 09:07, Andy Smith <andy(a)bitfolk.com> wrote:
Hello,
A recently-compromised customer appears to have had their system
logs removed, which hampers investigation somewhat.
Would a remote (BitFolk-operated) syslog server be useful?
Cheers,
Andy
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEAREDAAYFAkucp0wACgkQIJm2TL8VSQt4JwCgg7cJzX8ywRzn4b+a/qfP3ZCG
bq8Anj2/eqk/GKdguWGcI3iJ204ukCqS
=kfDp
-----END PGP SIGNATURE-----
_______________________________________________
users mailing list
users(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/users