The Journal - a proposed syslog replacement
Posted Nov 18, 2011 20:51 UTC (Fri) by NAR
In reply to: The Journal - a proposed syslog replacement
Parent article: The Journal - a proposed syslog replacement
but the idea is to make them tamper-*evident*, not tamper-*proof*.
Somehow I doubt this will achieve this. I bet most system administrators will use the local tools that check the signature - and the rootkits will just replace these tools to not warn the administrator...
to post comments)