RE: [logs] Log archival

• Previous message: Devin Kowatch: "Re: [logs] Log archival"
• Maybe in reply to: Blaise St-Laurent: "[logs] Log archival"
• Next in thread: Richard Welty: "Re[2]: [logs] Log archival"
• Next in thread: Marcus J. Ranum: "Re: [logs] Log archival"
• Reply: Richard Welty: "Re[2]: [logs] Log archival"
• Reply: Paul D. Robertson: "RE: [logs] Log archival"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I've read around that several implementations support some 
> sort of hash for modification detection, could someone point 
> me to the specs for these hash systems? are they based on a 
> standard (rfc?)

There is a RFC on MD5

    http://www.ietf.org/rfc/rfc1321.txt

However, I wonder if MD5 will acutally help in court as long it is not
protected inside a crypt sig - somebody out there with an opinion on
this?

You might also find this link helpful in general:

    http://www.usdoj.gov/criminal/cybercrime/usamarch2001_4.htm

Rainer Gerhards
Adiscon
_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: Marcus J. Ranum: "RE: [logs] SDSC Secure Syslog"
• Previous message: Devin Kowatch: "Re: [logs] Log archival"
• Maybe in reply to: Blaise St-Laurent: "[logs] Log archival"
• Next in thread: Richard Welty: "Re[2]: [logs] Log archival"
• Next in thread: Marcus J. Ranum: "Re: [logs] Log archival"
• Reply: Richard Welty: "Re[2]: [logs] Log archival"
• Reply: Paul D. Robertson: "RE: [logs] Log archival"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Dec 11 2002 - 13:44:18 PST