By using a replacement for the default system logger, syslog-ng, you can selectively stop IPs from being written to log files, for example on a mail server.
Monthly Archive: February 2013
I am currently playing with the thought of [url=http://linux.die.net/man/1/shred]shredding[/url] files automatically before they are unlinked from the file system (for example on a mail server). I wrote a small library that you can inject into processes using LD_PRELOAD, so all unlink operations result in a call to shred for (A) regular files that (B) have only one hard link left.
Imagine trying to secure a computer with a small but powerful parasitic server on its motherboard; a bloodsucker that can’t be turned off and has no documentation; you can’t login, patch, or fix problems on it; server-based defensive, audit, or anti-malware software can’t be used. Its design is secret and implementation old. It’s also the perfect spy platform: nearly invisible to its host, it can fully control the computer’s hardware and software, and it was designed for remote control and monitoring. And that’s the good news. http://fish2.com/ipmi/ (via ln5) (View on gamamb.tumblr.com)