[logs] Audit in Trusted Systems

From: Tina Bird (tbird@precision-guesswork.com)
Date: Fri Aug 30 2002 - 00:08:21 PDT

  • Next message: Ron Ogle: "Re: [logs] Audit in Trusted Systems"

    I'm starting the draft of the logging requirements document based on the
    wonderful discussion we've been having -- carefully avoiding discussions
    of message formats, transport mechanisms, or timestamps, at least for the
    first draft ;-)
    
    Here's a pointer to the references people have suggested:
    
    The Rainbow Series is online in PostScript and PDF at
    http://www.radium.ncsc.mil/tpep/library/rainbow/
    Look for "A Guide to Understanding Audit in Trusted Systems" especially if
    you're suffering from insomnia.  Gak.  The things I read in my spare
    time...
    
    Network Security Requirements for Devices Implementing Internet Protocol
    draft-jones-netsec-reqs-00
    http://www.port111.com/docs/netsec-reqs.html
    Section 2.5 discusses event logging requirements
    
    We'll be adding these to the Log Analysis Web site shortly.
    
    t.
    
    "Wine is strong, the King is stronger, women are strongest, but TRUTH
              conquers all."
    -----     Inscription in the Rosslyn Chapel (near Edinburgh, Scotland)
    
    http://www.shmoo.com/~tbird
    Log Analysis http://www.counterpane.com/log-analysis.html
    VPN http://vpn.shmoo.com
    
    
    _______________________________________________
    LogAnalysis mailing list
    LogAnalysisat_private
    http://lists.shmoo.com/mailman/listinfo/loganalysis
    



    This archive was generated by hypermail 2b30 : Fri Aug 30 2002 - 00:25:52 PDT