On Wed, Nov 11, 2009 at 10:14 PM, Gavin Towey <gtowey@stripped> wrote:
> This raises an issue that I've often wondered how other people handle:
>
> If a DBA (or anyone else) has shell access to the machine, then they can simply edit
> the log to cover their tracks. How do you prevent this scenario?
>
Well, my company solves this problem delegating log keeping to an
external centralized system managed by a certified firm so we don't
have access to these copy of logs. In a scenario like this in case of
investigations the authorities talks directly with the external firm.
P.
