Firewalls: RE: Plaintext log files on firewall

Firewalls
(February 1998)

Indexed By Thread: [Previous] [Next]

Subject:	RE: Plaintext log files on firewall
From:	Emmanuel Tychon <manu @ acm . org>
Organization:	http://linux.rtfm.be
Date:	Wed, 04 Feb 1998 16:45:42 +0100 (MET)
To:	John Morgan Salomon <john @ bull . ch>
Cc:	firewalls @ GreatCircle . COM
In-reply-to:	<34D056E3 . D988F1E5 @ bull . ch>
Reply-to:	manu @ acm . org

On 29-Jan-98 John Morgan Salomon wrote:

> I'd be interested in hearing what people have to say regarding
> the advisability of storing log or alert files on a firewall
> machine in encrypted/binary format as opposed to plain ascii
> text?  

On Linux machines, you can mount and unmount fully encrypted partitions
(encryption done by DES). If this partition is used to log messages in /var/log
or /var/adm, the game can begin.

DES Kernel encryption need a little hack, see the Cryptographis-Filesystems
HOWTO. When your linux boot, you can see this:

..
loop: registered device at major 7
loop: DES encryption available
..

---
Member of the ACM. Look http://www.acm.org 

       |||      |  Emmanuel Tychon, <manu @
 acm .
 org>
       O-O      |  nic-hdl: ET99-RIPE, nic-irc: kosinus
       (_)      |  
   oOO-----OOo  |  Don't be assimilated, use Linux!
    | Linux |   |  
    \-------/   |  PGP key on http://pgp.ai.mit.edu

Indexed By Date	Previous:	RE: FW-1 and FIN scanning (was: nmap tool) From: Robert Ståhlbrand <robert . stahlbrand @ nmac . ericsson . se>
Indexed By Date	Next:	RE: MS ProxyServer 2.0 sucks From: Emmanuel Tychon <manu @ acm . org>
Indexed By Thread	Previous:	Re: Firewalls-Digest V7 #53 From: Stefan Schmidt <schmidts @ informatik . tu-muenchen . de>
Indexed By Thread	Next:	RE: MS ProxyServer 2.0 sucks From: Emmanuel Tychon <manu @ acm . org>