CRIME creating logs that will stand up in court

From: Toby Kohlenberg (toby@private)
Date: Tue Dec 04 2001 - 23:52:19 PST

Next message: Wil Cooley: "Re: CRIME FW: [Ccbig] 'Hi' Virus. Be Vigilant!"

Previous message: Geo: "CRIME [Fwd: [C.r.i.m.e.-announce] FW: NIPC Alert 01-029]"
In reply to: Kris Quinby: "RE: CRIME LEDS/NCIC"
Next in thread: CURTIS Michael S * LEDS: "RE: CRIME LEDS/NCIC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There is an interesting discussion on the log analysis list on
securityfocus.com regarding what sysadmins can be expected to do to ensure
that their logs are sound (e.g. not tampered with) as well as what the
InfoSec community can do to make it easier for sysadmins to take those
measures. You can find the archives on www.securityfocus.com, the
conversation is going on this week and is still in progress. Two links
that have come out of it are:
http://www.usdoj.gov/criminal/cybercrime/usamarch2001_4.htm
http://www.ietf.org/internet-drafts/draft-ietf-grip-prot-evidence-05.txt

toby

Next message: Wil Cooley: "Re: CRIME FW: [Ccbig] 'Hi' Virus. Be Vigilant!"
Previous message: Geo: "CRIME [Fwd: [C.r.i.m.e.-announce] FW: NIPC Alert 01-029]"
In reply to: Kris Quinby: "RE: CRIME LEDS/NCIC"
Next in thread: CURTIS Michael S * LEDS: "RE: CRIME LEDS/NCIC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:36:43 PDT