On Wed, 22 Nov 2017 13:02:37 +0100, John wrote in message <0788acc2-15f4-491f-61bf-d28664664...@atlantech.com>:
> On 22/11/17 12:32, KatolaZ wrote: > > On Wed, Nov 22, 2017 at 12:24:28PM +0100, John Hughes wrote: > >> > >> I was amazed that KatolaZ couldn't imagine any way of reading text > >> from a file without a special application, doesn't he have > >> strings(1) on his "forensic system"? > > > > As for journalctl, you forget to mention that it is not available > > as a separate component from systemd. > > "Not available"? Attached to systemd with epoxy? Or an independent > executable that could easily be installed on a forensic system the > good old fashioned way. Or, if you prefer, just install the systemd > package and use some other init system: .._can_ we assume "systemd will never cover up crime"? ..e.g. Microsoft usually recommend against "3rd party software" "that may" (or not) "contain software virus", and on our side we have "root kits" written by very skillful people covering their tracks from their victims and law enforcement. > > I had never thhougt that I would have been suggested to look at logs > > by grepping the results of "strings" on a binary file. But I > > understand that this is considered "amazing technological progress" > > in some camps. > > Whatever gets the job done. Personally I'd just install the > application that knows how to read the file, but if I was unable to > do that for some reason or other I'd use one of the many useful tools > Unix like systems come with rather than claiming the job was > impossible. ..what if the job is "cover up crime in systemd journal logs"? -- ..med vennlig hilsen = with Kind Regards from Arnt Karlsen ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
