Security Basics mailing list archives
Re: EU approves data retention rules
From: Alessandro Bottonelli <a.bottonelli () axis-net it>
Date: Tue, 20 Dec 2005 21:43:08 +0100
On Tuesday 20 December 2005 13:17, Alvin Oga wrote:
logs should be time stamped and gpg signed to minimize tampering worst still, what if they admins turn off all logging on the machines so there is zero-ized log files ... silly admins forgot to check that syslogd is running or other that /var/log exists /var/log typically get moved to a remote loghost .. that may or may not be writable by that host
Whether logs are legal evidence or have any meaning in a court of justice or even in a less formal environment like an HR office that's a very different kind of story. EU directives and Member States Laws ask us to retain them for a certain period of time. Period. How to use them for what purpose is somebody else's issue. To us techies is very clear that logs are just.... logs. Text files with lines of rubbish one after the other that maybe are genuine maybe are not, and that can easily be tampered with a simple text editor. Depending on who you are dealing with logs may be the the source of truth, nothing at all, or anything in between.... -- Alessandro Bottonelli CISSP, BS7799 LA http://www.axis-net.it --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ----------------------------------------------------------------------------
Current thread:
- EU approves data retention rules Saqib Ali (Dec 16)
- Re: EU approves data retention rules Alessandro Bottonelli (Dec 19)
- Re: EU approves data retention rules Alvin Oga (Dec 20)
- Re: EU approves data retention rules Alessandro Bottonelli (Dec 21)
- Re: EU approves data retention rules Alvin Oga (Dec 20)
- Re: EU approves data retention rules Alessandro Bottonelli (Dec 19)