Friday, August 04, 2006

Security Tip of the Day #1 (OK, maybe Week, Month, etc)

Upon seeing folks giving security tips of the day on their blogs (like here, here, here; SANS jumped in as well), I decided to follow along and join the initiative. One of the bloggers called it "pay it forward" to the community.

So, Anton Security Tip of the Day #1: Crank it Up!

Crank what up? Logging, of course! You'd be happy you did, I promise. The gist of this tip is that if you increase the level of logging on your system (even without looking at the resulting logs periodically...), you'd fare much better in case of an incident. And, by incident here I don't mean that those evil hackers will 0wn you with a custom-coded 0day, but something much more common: a computer crash, spyware problem or system malfunction.

On Linux/Unix it will likely involve editing /etc/syslog.conf, and on Windows it will involve changing the Audit Policy.
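An added example, not from the original post: a small Python check that reads a classic syslog.conf and lists the facilities whose messages are not captured at info level or more verbose, which is what "cranking it up" changes. The sample configuration is constructed and the function names are hypothetical; sysklogd's `=` and `!` selector modifiers are skipped rather than interpreted.

```python
# Added example: which syslog facilities are logged too quietly?
PRIORITIES = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]
ALIASES = {"warn": "warning", "error": "err", "panic": "emerg", "*": "debug"}
FACILITIES = ["auth", "authpriv", "cron", "daemon", "kern", "lpr", "mail", "news",
              "syslog", "user", "uucp"] + [f"local{i}" for i in range(8)]

# Constructed sample input, not taken from any real host.
SAMPLE_CONF = """\
# only errors reach the main log; mail and authpriv are split out
*.err;mail.none;authpriv.none    /var/log/messages
authpriv.*                       /var/log/secure
mail.warning                     -/var/log/maillog
"""

def coverage(conf_text):
    """Return facility -> most verbose priority logged anywhere (None = never logged)."""
    lowest = dict.fromkeys(FACILITIES)
    for line in conf_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0].startswith("#"):
            continue
        rule = {}  # per-line view: later selectors override earlier ones
        for selector in fields[0].split(";"):
            facs, _, prio = selector.rpartition(".")
            prio = ALIASES.get(prio.lower(), prio.lower())
            names = FACILITIES if facs == "*" else facs.lower().split(",")
            for fac in names:
                if prio == "none":
                    rule.pop(fac, None)          # e.g. mail.none after *.err
                elif prio in PRIORITIES and fac in lowest:
                    rule[fac] = PRIORITIES.index(prio)
                # anything else (=prio, !prio, unknown names) is skipped
        for fac, level in rule.items():
            if lowest[fac] is None or level < lowest[fac]:
                lowest[fac] = level
    return {f: None if lv is None else PRIORITIES[lv] for f, lv in lowest.items()}

def quiet_facilities(conf_text, wanted="info"):
    """Facilities whose messages at the `wanted` priority are not written anywhere."""
    limit = PRIORITIES.index(wanted)
    cov = coverage(conf_text)
    return sorted(f for f, p in cov.items() if p is None or PRIORITIES.index(p) > limit)

if __name__ == "__main__":
    for fac, prio in sorted(coverage(SAMPLE_CONF).items()):
        print(f"{fac:10} {prio or 'not logged'}")
    print("below info:", ", ".join(quiet_facilities(SAMPLE_CONF)))
```

Pointing `coverage()` at the text of a real /etc/syslog.conf shows the same table for that host; an empty result from `quiet_facilities()` means every listed facility is logged at info or more verbosely.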

Of course, you'd be making a mistake if you only turn it on. But that's a separate story.

2 comments:

Anonymous said...

Anton, thanks for joining our tip of the day. I have noticed you are in my blog log community as well. I would like to find out more about log logic as well. Maybe we can chat sometime.

alan

Anonymous said...

Great tip Anton!

I joined the pay it forward trend as well and actually branched off of your tip.

Dr Anton Chuvakin