To what extent sending logs to a remote server is secure?
To what extent sending logs to a remote server is *secure* please?
I mean security regarding a black-hat, not regarding natural incidents like fire, flood, physical failure... In other words, what measures prevent the black-hat to access my destination server and temper my remote logs as soon as (s)he gets access to my source server (assuming he has escalated his/her permissions and become root)? Indeed, can (s)he take advantage of the existing log connection (let's say it is done through ssh via pre-installed certificates) between the two servers to access&compromise the remote one? It it a matter of firewalling/protocols somewhere? Or maybe a kind of system where only data can be sent but not removed or retrieved (like unidirectional glass-recycling bins)? Many thanks in advance! :) |
Quote:
|
Quote:
|
All times are GMT -5. The time now is 12:52 AM. |