A commonly used technique among computer crackers, and experienced thieves as well, is to erase their fingerprints from the crime scene. This usually means erasing or modifying the logs stored on the computer that will expose them if carefully examined. Unprotected . . .
A commonly used technique among computer crackers, and experienced thieves as well, is to erase their fingerprints from the crime scene. This usually means erasing or modifying the logs stored on the computer that will expose them if carefully examined. Unprotected logs will make system security checks an impossible task in most cases. When crackers gain complete access to the system, they gain the ability to read, modify or erase any logs. Let us define "Secure Logging" as the ability to record a given amount of information on a given storage media and be able to check the authenticity of that record later. This is part of the CIA triangle: confidentiality, integrity, and availability.

This definition says nothing about the security of the storage media where the information is recorded, we must assume that anybody can read, modify or erase it.

The link for this article located at daemonnews is no longer available.