Defenses for Log and
Accounting File Attacks (cont.)
¨
Encrypt log files
http://www.core-
sdi.com/english/freesoft.html
¨
On Linux systems, make log files append
only
–
$ chattr
+a
[log_filename]
¨
Store logs on write-once media such as
CD-ROM
¨