Security Incidents mailing list archives

Re: Annoy Those Sub7 Scanners.


From: Bill Royds <Bill_Royds () PCH GC CA>
Date: Thu, 31 Aug 2000 09:53:43 -0400

In a seminar by our local law enforcement officers, it was explained that logs
are valid evidence if they follow some rules:

1. Kept in the normal course of business
2. Attested to veracity by at least two qualified people (2 signatures on
   printouts, 2 signatures on CD).
3. Have been shown to be free from opportunity for tampering (burned into CDs
   for example).

They are as valid as paper evidence if they have been kept with "due care".
But you must document your logging procedures and ensure that there are backups
and non-volatile copies in normal course of business.




Bryan Andersen <bryan () visi com> on 08/31/2000 03:52:48 AM

Please respond to bryan () visi com

To:      INCIDENTS () SECURITYFOCUS COM
cc:      (bcc: Bill Royds/HullOttawa/PCH/CA)
Subject: Re: Annoy Those Sub7 Scanners.

"Robert G. Ferrell" wrote:

The cops disagree with you. Properly handled, logs are more than
just hearsay, and also contribute to convergence of evidence -- a
basic concept of law.

Further, the US Federal Rules of Evidence (Rule 803(6))
stipulate that logs are exempt from the Hearsay Rule
so long as the original logs were made "in the course of a regularly
conducted business activity."

This has been my understanding.  Also the same goes for backups used
as evidence.  It's partially based on rulings related to Xerox type
copies of legal documents.

Having a business plan that states how and when certain actions like
logging are done helps greatly in firming up their validity as evidence.

--
|  Bryan Andersen   |   bryan () visi com   |   http://softail.visi.com   |
| Buzzwords are like annoying little flies that deserve to be swatted. |
|   -Bryan Andersen                                                    |
