| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: peter at trusteddebian.org (Peter Busser) Subject: [inbox] Re: Reacting to a server compromise Hi! > and what if all the connections were via proxy on the charged persons > computer??? Normally you would find traces of something like that on the system. > lets convict innocent people, i think not. > condider the simple tcpredirect or a proxy, running on ( Jennifers ) > system, omg look, Jennifer is being arrested for embezilling ABC company > because ABC companys logs show Jennifers ip address as the originating IP > address. > im still failing to see computer generated access logs based upon IP > addresses as evidence. I don't think the logs themselves are enough to get someone convicted, as the evidence they provide is obviously thin. But they can be useful for corelation purposes and for finding out at what time things happened. But it will surely depend on your jurisdiction. I have heard about someone being convicted for several years imprissonment based on the story told by one eye witness (who was watching from a distance). Groetjes, Peter Busser -- The Adamantix Project Taking trustworthy software out of the labs, and into the real world http://www.adamantix.org/
Powered by blists - more mailing lists