[axxs-sysadmin] SPAM, (was No Database connection for A-IMC)

boud boud at riseup.net
Mon Nov 13 04:51:13 PST 2006 

gday all,

On Mon, 13 Nov 2006, finn wrote:

> Hi,
>
> Dave Fregon schrieb:
>> On Mon, 2006-11-13 at 17:19 +1100, aketus wrote:
>>> Hey Dave,
>>>
>>> I'm totally 100% in agreement about the actualy IP logging policy and
>>> I make no move to change the policy :) for precisely the reason that
>>> we have it..
>>>
>>> I think in the case of maintenance, we should turn on IP logging
>>> *very* briefly in order to gather the info required to maintain, say
>>> in this case, Adelaide IMC (which in turn means maintaining the uptime
>>> of all the sites hosted on axxs.org by consequence), then switch it
>>> back off again and destroy the logs.
>>
>> ahh yes, I should have explicitly said 'Yea, just destroy the logs after
>> you have done so' .. I ended up on a tangent 8-}
>
> One thing that IMCs use in this situation is logging to a ramdisk, so
> that nothing touches a HD.
>
> Once the computer is rebooted, then the contents of the ramdisk are
> lost.

Temporary IP logging in RAM is what mir does (optionally) - it just
keeps the last N accesses in RAM.

But in that case, in principle you should encrypt your swap partition
(or use no swap at all):
http://www.saout.de/tikiwiki/tiki-index.php?page=EncryptedSwap

cat /proc/swaps 
to see what swap partition(s) you have mounted

If it looks something like:
Filename                                Type            Size    Used    Priority
/dev/mapper/swap0                       partition       514008  174128  -1
then you've probably set up your encryption properly.

If you use the encryption method recommended here:
http://www.saout.de/tikiwiki/tiki-index.php?page=EncryptedSwap

then noone, including you, can unencrypt the swap partition, even if you
reboot with a rescue disk and copy the swap partition contents to 
a backup somewhere - because the encryption key is created from /dev/urandom
and (i presume) the chance of any passphrase existing which would unlock
this key is presumably extremely small (though i don't know the numbers 
here - i don't know much about cryptology).


pozdr
boud

More information about the axxs-sysadmin mailing list