Altering System Logs in Unix
¨
Unix log files are stored in files specified in
/etc/syslog.conf (eg. /var/adm/messages)
¨
Attackers can alter log files via editors such
as vi or emacs
¨