RE: [Full-Disclosure] Break-in discovery and forensics tools

From: Rainer Gerhards (rgerhards@hq.adiscon.com)
Date: 04/23/03

    From: "Rainer Gerhards" <rgerhards@hq.adiscon.com>
    To: <full-disclosure@lists.netsys.com>
    Date: Wed, 23 Apr 2003 21:14:20 +0200
    

    Some *very* good reading on logs as evidence can be found at

       http://www.loganalysis.org/sections/discussions/index.html

    See the top of the link list.

    Rainer Gerhards
    Adiscon
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

