[ previous ] [ next ] [ threads ]
 From:  Peter Curran <peter at closeconsultants dot com>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] Re: [m0n0wall] Restriction Modifications
 Date:  Mon, 27 Sep 2004 18:39:42 +0100

> - Register unsucessfull and sucessfull logins ( I working on it, and I
> having problemsto register the webGui logins. Console ones are ok).

I guess there may be a logging function in the web server that could do this.

> - Register modification (what time, and who did) of significat security
> parameters (firewall rules) (not did, but very easy to do, is just
> implement a logging function and call it inside the firewall webGui pages).

There is a broader question here (I think discussed on this list a few weeks 
ago) about the desirability of having different user ID's (possibly with 
different priviliges).  Whilst the ICSA standard may be happy with 'User 
admin changed the firewall rules at hh:mm', this is actually pretty useless 
unless there is only one user with the admin password!

But, your list sounds like a good start and I would think it a Good Thing (tm) 
to have this sort of certification for the system.


Peter Curran				  Leveraging Internet Technology
Close Consultants			       for Businesses
p: +44-1225-463700			 
f: +44-1225-463705			  
e: peter at closeconsultants dot com		  
sip: peter at closeconsultants dot com 

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.