On 09/26/2014 05:08 PM, green wrote:
Ric Moore wrote at 2014-09-26 14:18 -0500:Change is certainly needed when any pimple face kid can edit and hide his doings from a text log with nano. I think the change is necessary to harden up our systems. Otherwise, Microsoft will become the only secure server OS, as they don't mind hiding things at all.So, all other things being equal, binary logs are more secure than plain text logs. Is that actually what you are saying?
Yes. The benefit of using a binary log is the lesser vulnerability to an external attack from an intruder. That huge security flaw was mentioned on a recent PBS video regarding the new day Hackers and how simply they removed/edited text-log files to hide their tracks of what they did.
When I saw that mentioned the light bulb went off, since every major commercial server distro has already changed over. So, on that point alone, I'm switching our Debian Wheezy Proxmox cluster servers to systemd, toot sweet. I guess that means I'll have to get some more edumaction.
I'm also making the positive assumption that there may be something going on above our pay grades. I find that more comforting than all of the wailing and gnashing of teeth. Keep in mind that the NSA wouldn't sign off on RedHat's use of systemd if it made a server less secure. I tend to think that they may have a hand in it's development. :) Ric
-- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256