SecSyslog: an Approach to Secure Logging Based on Covert Channels

14 years 5 months ago

Download www.iritaly-livecd.org

Today log traces are widely used to identify and prevent violations of corporate information systems. The most recent logging trend is to manage most level 3 ISO/OSI traffic via pcapcompatibile output. But use of syslog is still very widespread, as are the security issues it entails, especially in its 'pure' version. This paper outlines the basic syslog problems as foreseen in the RFCs, examines the 'secure' alternatives to the protocol (and relative implementations) and proposes a transmission approach based on covert channels which, applied on the LINUX platform, might answer some of the intrinsic reliability problems which undermine its effectiveness as a digital forensic tool.

Dario V. Forte, Cristiano Maruti, Michele R. Vettu

Real-time Traffic

Basic Syslog Problems | Digital Forensic Engineering | Forensic Engineering | Intrinsic Reliability Problems | SADFE 2005 | Today Log Traces |

claim paper

Post Info
More Details (n/a)

Added	25 Jun 2010
Updated	25 Jun 2010
Type	Conference
Year	2005
Where	SADFE
Authors	Dario V. Forte, Cristiano Maruti, Michele R. Vetturi, Michele Zambelli

Comments (0)

Sciweavers

SecSyslog: an Approach to Secure Logging Based on Covert Channels

Basic Syslog Problems | Digital Forensic Engineering | Forensic Engineering | Intrinsic Reliability Problems | SADFE 2005 | Today Log Traces |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers