lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: peter at (Peter Busser)
Subject: [inbox] Re: Reacting to a server compromise


> and what if all the connections were via proxy on the charged persons
> computer???

Normally you would find traces of something like that on the system.

> lets convict innocent people, i think not.
> condider the simple tcpredirect or a proxy, running on ( Jennifers )
> system, omg look, Jennifer is being arrested for embezilling ABC company
> because  ABC companys logs show Jennifers ip address as the originating IP
> address.
> im still failing to see computer generated access logs based upon IP
> addresses as evidence.

I don't think the logs themselves are enough to get someone convicted, as the
evidence they provide is obviously thin. But they can be useful for corelation
purposes and for finding out at what time things happened.

But it will surely depend on your jurisdiction. I have heard about someone
being convicted for several years imprissonment based on the story told by one
eye witness (who was watching from a distance).

Peter Busser
The Adamantix Project
Taking trustworthy software out of the labs, and into the real world

Powered by blists - more mailing lists