All, This thread has been very interesting. I was hoping someone else would mention this because IANAL. DISCLAIMER: I am not a lawyer. This is not legal advice. Consult your legal department for a real answer. The Story as I remember it: At a conference on Network Security it was suggested that Universities monitor all traffic from student computers and block certain sites. Then, someone also not connected with the legal profession said that such a University might be held responsible for ANY violation of the law perpetrated over their network BECAUSE they monitor it. The theory suggested here is that by logging you demonstrate a knowledge of your user actions. Therefore, not taking *immediate* action against all violations makes you culpable. How this relates to SYSLOG: Well, this theory applies to syslog logs, too. If you have logs, I, not being a lawyer, would think you have a legal obligation to diligently monitor AND take swift action against all violators. [I had some scary hypothetical situations here, but IANAL, so I'll leave that as a nightmare for the reader.] I have NO IDEA what precedence there is for this, or what laws are involved. Just a thought. But IF there is any truth to it, you're stiff suits will spring out of their seats and start writing you blank checks. Ask you boss to talk to the organization's lawyers (and report back to us ;-). No analogy can beat the shear terror of a law suite. Cheers, __ Paul DeStefano --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Wed Sep 12 2001 - 20:28:33 PDT