lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: se_cur_ity at hotmail.com (morning_wood)
Subject: [inbox] Re: Reacting to a server compromise

----- Original Message ----- 
From: "Curt Purdy" <purdy@...man.com>
To: "'Jennifer Bradley'" <jenbradley@...mail.co.za>;
<full-disclosure@...ts.netsys.com>
Sent: Sunday, August 03, 2003 1:29 PM
Subject: RE: [inbox] Re: [Full-Disclosure] Reacting to a server compromise


> Jennifer, I made a reply to someone disagreeing with your statement on
> copying the drive, supporting your contention.  However, most courts will
> not accept log files on magnetic media as evidence due to the ease of
> alteration.  This is why we collect all logs on a central syslog server
that
> writes directly to write-once media.  That is irrefutable evidence.
>

and what if all the connections were via proxy on the charged persons
computer???
lets convict innocent people, i think not.
condider the simple tcpredirect or a proxy, running on ( Jennifers )
system, omg look, Jennifer is being arrested for embezilling ABC company
because  ABC companys logs show Jennifers ip address as the originating IP
address.
im still failing to see computer generated access logs based upon IP
addresses as evidence.

Donnie Werner





Powered by blists - more mailing lists