RE: Help with virus/hackers

Kenny Mann (Kennymann@cdrobot.com)
Thu, 17 Apr 2003 13:12:44 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Stephen Hemminger: "Recent changes broke mkinitrd?"
Previous message: Kristofer T. Karas: "Re: How to identify contents of /lib/modules/*"

Perhaps this:
Using FTP to connect to another secured computer which has only that
service running.
Write-only (no read, etc) is what is used to send to it. This file will
remain open until time X.
Where X equals when that file will close and another file will begin.
Random names or perhaps based on date/time.
Everything Y amount of time, it will burn to a CD that directory or
perhaps only new files added. (all but the last file which is currently
open)
When that directory (minues the open file) size hits a certain size, it
will either ask for another CD or auto-create another CD and move
previous logs there. (or perhaps when that directory hits a certain size
it moves the old logs there and then burns them instead of every Y time)

Any suggestions/flames?

>> Linux supports console on printer. Its not totally foolproof (there
is
>> a famous story of someone who simply reprinted the past two days of
>> logs edited so the admins wouldnt realise when they looked)
>!!! You can't be serious :-)
Hmm, true or not... Better safe than sorry. :-) If that person knows
about
It they are bound it try and figure something out.

Perhaps if you see a massive directory size difference (increased size)
That might be something to set it off... (assuming you follow the idea
above)

--KM

-----Original Message-----
From: John Bradford [mailto:john@grabjohn.com]
Sent: Thursday, April 17, 2003 1:01 PM
To: Alan Cox
Cc: John Bradford; root@chaos.analogic.com; joe briggs;
'linux-kernel@vger.kernel.org'
Subject: Re: Help with virus/hackers

> > I've often wondered whether it would be worth connecting a very
> > large serial EEPROM to a serial port interface, and have it
> > effectively appear as a solid state printer, (to that you could
> > cheaply log to an unmodifyable device). Has anybody ever tried
> > this?
>
> Linux supports console on printer. Its not totally foolproof (there is

> a famous story of someone who simply reprinted the past two days of
> logs edited so the admins wouldnt realise when they looked)

!!! You can't be serious :-)

> but it works pretty well. Just use a dot-matrix printer save keeping
> HP, Lexmark or Xerox in business 8)

Aren't you concerned with all of the trees that will be cut down to make
that paper, though?

I think 1 tree = about 50 reams. Let's say you get through a ream a
day, that's a tree every couple of months!

Maybe there is a way to encode the data in the rings of the tree while
it's still growing, that would be the ultimate WORM device :-) :-) :-).

John.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel"
in the body of a message to majordomo@vger.kernel.org More majordomo
info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Stephen Hemminger: "Recent changes broke mkinitrd?"
Previous message: Kristofer T. Karas: "Re: How to identify contents of /lib/modules/*"