Security Basics mailing list archives
Re: Review of logs/audit trail - whose responsibility?
From: craig.wilson () redtray co uk
Date: Thu, 24 Sep 2009 08:06:32 +0000
Hi, As you say it depends on the company really. Someone without a vested interest ideally, i.e. not the person tasked with network uptime or administration. The reason being that in my experience they can be prone to covering tracks to remove anomalies and to make life easier. Craig ------Original Message------ From: sfmailsbm () gmail com Sender: listbounce () securityfocus com To: security-basics () securityfocus com Sent: Sep 22, 2009 10:00 AM Subject: Review of logs/audit trail - whose responsibility? Dear all, a simple question: we all agree that there must be logs and audit trails to enable tracing back and monitoring of suspicious activities Logs should be reviewed regularly to identify abnormal activities however, who should "ideally" be responsible for this regular (daily) monitoring of logs? Is it IT, IT Security or Computer Audit? I know that each company might implement it differently, but from a conceptual point of view, in terms of security, what will be the most appropriate choice? thanks for your comments Regards, Ronish ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ Sent from my BlackBerry® wireless device ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
Current thread:
- Review of logs/audit trail - whose responsibility? sfmailsbm (Sep 23)
- RE: Review of logs/audit trail - whose responsibility? Rivest, Philippe (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? Quentin Chung@Programmer (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? Gleb Paharenko (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? M.D.Mufambisi (Sep 29)
- Re: Review of logs/audit trail - whose responsibility? Dan Anderson (Sep 30)
- Re: Review of logs/audit trail - whose responsibility? M.D.Mufambisi (Sep 29)
- <Possible follow-ups>
- Re: Review of logs/audit trail - whose responsibility? craig . wilson (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? ron (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? krymson (Sep 30)