Friday, August 04, 2006

Security Tip of the Day #1 (OK, maybe Week, Month, etc)

Upon seeing folks giving security tips of the day on their blogs (like here, here, here; SANS jumped in as well), I decided to follow along and join the initiative. One of the bloggers called it "pay it forward" to the community.

So, Anton Security Tip of the Day #1: Crank it Up!

Crank what up? Logging, of course! You'll be happy you did, I promise. The gist of this tip is that if you increase the level of logging on your system (even without looking at the resulting logs periodically...), you'd fare much better in case of an incident. And by incident here, I don't mean that those evil hackers will 0wn you with a custom-coded 0day, but something much more common: a computer crash, spyware problem or system malfunction.

On Linux/Unix, it will likely involve editing /etc/syslog.conf, and on Windows it will involve changing the Audit Policy.
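To see how far a given /etc/syslog.conf is from "cranked up", the following added example (not part of the original post) parses classic sysklogd-style selectors and lists the facilities logged less verbosely than info. The sample configuration, the function names and the info threshold are assumptions; negated (`!`) selectors are skipped and `=level` is treated like `level`.

```python
import re

# Severities from syslog.conf(5), least to most verbose; a rule logs its level and anything more severe.
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
LEVELS = {name: i for i, name in enumerate(PRIORITIES)}
LEVELS.update({"panic": 0, "error": 3, "warn": 4, "*": 7})  # aliases and wildcard
FACILITIES = ["auth", "authpriv", "cron", "daemon", "kern", "lpr", "mail",
              "news", "syslog", "user", "uucp"] + [f"local{i}" for i in range(8)]

# Constructed sample of a conservative configuration, not taken from a real host.
SAMPLE_CONF = """\
# selector(s)                        action
*.notice;mail.none;authpriv.none     /var/log/messages
authpriv.*                           /var/log/secure
mail.warning                         /var/log/maillog
cron.info                            /var/log/cron
"""


def rule_coverage(selectors):
    """Most verbose level each facility gets from one rule's selector list."""
    seen = {}
    for sel in selectors.lower().split(";"):
        facs, _, prio = sel.strip().rpartition(".")
        if not facs or prio.startswith("!"):
            continue  # simplification: negated selectors are ignored
        names = FACILITIES if "*" in facs.split(",") else facs.split(",")
        for name in names:
            if prio == "none":
                seen.pop(name, None)  # "none" cancels an earlier match in this rule
            elif prio.lstrip("=") in LEVELS:  # simplification: "=level" counts as "level"
                seen[name] = LEVELS[prio.lstrip("=")]
    return seen


def quiet_facilities(conf_text, wanted="info"):
    """Map each facility logged less verbosely than `wanted` to its level (None = never logged)."""
    best = {}
    for line in conf_text.splitlines():
        parts = re.split(r"\s+", line.strip(), maxsplit=1)
        if line.lstrip().startswith("#") or len(parts) != 2:
            continue
        for fac, lvl in rule_coverage(parts[0]).items():
            best[fac] = max(best.get(fac, -1), lvl)
    return {f: (PRIORITIES[best[f]] if f in best else None)
            for f in FACILITIES if best.get(f, -1) < LEVELS[wanted]}


if __name__ == "__main__":
    for fac, lvl in quiet_facilities(SAMPLE_CONF).items():
        print(f"{fac:<9} logged at: {lvl or 'not logged'}")
```

Appending a catch-all rule such as `*.debug` with a file action to the sample makes the report come back empty.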

Of course, you'd be making a mistake if you only turned it on. But that's a separate story.

Dr Anton Chuvakin