Sciweavers

SADFE
2005
IEEE

SecSyslog: an Approach to Secure Logging Based on Covert Channels

14 years 6 months ago
SecSyslog: an Approach to Secure Logging Based on Covert Channels
Today log traces are widely used to identify and prevent violations of corporate information systems. The most recent logging trend is to manage most level 3 ISO/OSI traffic via pcapcompatibile output. But use of syslog is still very widespread, as are the security issues it entails, especially in its 'pure' version. This paper outlines the basic syslog problems as foreseen in the RFCs, examines the 'secure' alternatives to the protocol (and relative implementations) and proposes a transmission approach based on covert channels which, applied on the LINUX platform, might answer some of the intrinsic reliability problems which undermine its effectiveness as a digital forensic tool.
Dario V. Forte, Cristiano Maruti, Michele R. Vettu
Added 25 Jun 2010
Updated 25 Jun 2010
Type Conference
Year 2005
Where SADFE
Authors Dario V. Forte, Cristiano Maruti, Michele R. Vetturi, Michele Zambelli
Comments (0)