lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <44281.198.162.158.16.1120602820.squirrel@65.61.200.197> Date: Tue Jul 5 23:34:55 2005 From: eric at arcticbears.com (Eric Paynter) Subject: RE: Tools accepted by the courts On Tue, July 5, 2005 3:02 pm, pingywon said: > I have heard on more then one ocassion that Microsoft Event files (.evt) > are admissible. Like anything, it depends a lot on the situation. It's a log file, so like any log file, it must be relevant and have a clean chain of custody. For anything more specific, it depends on your jurisdiction. Here is a link to the US Federal Rules of Evidence that might provide entertainment for some readers of this list: http://expertpages.com/federal/federal.htm Relevancy is defined in Article 4. Log files are generally considered "records of a regularly conducted activity", which is referenced in Rule 803(6). Note that Article 8 is about hearsay. A log is hearsay, but Rule 803 defines the exceptions to the inadmissibility of hearsay. -Eric -- arctic bears - email and dns services http://www.arcticbears.com
Powered by blists - more mailing lists