Library items tagged: logfiles

References

Anonymous
Thursday, February 16, 2012 - 07:36
logfiles
logging
references
technical guide
Information and Guidelines on Logfiles LINX Best Current Practice – Traceability: https://www.linx.net/good/bcp/traceability-bcp-v1_0.html Information Commissioner’s Employee Monitoring code: http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/employment_practices_code.pdf
Read more

Next steps

Anonymous
Thursday, February 16, 2012 - 07:36
technical guide
logfiles
logging
security
This document has dealt only with the logs that can be recorded by individual computers and other systems. A great deal of useful information and early warnings can also be obtained by looking at computers and networks in combination. Any organisation that is concerned to protect its own systems and reputation should also be developing systems to monitor these systems. Two examples are given below of what can, and should, be done.
Read more

Implementation

Anonymous
Thursday, February 16, 2012 - 07:36
logfiles
logging
security
technical guide
The ways to enable and configure logging will vary from one computer and software system to another, and should be covered in the system documentation. This section cannot deal with such detailed instructions, but identifies a number of common topics that have been found to be useful in many different circumstances.
Read more

Identifying attacks

Anonymous
Thursday, February 16, 2012 - 07:35
technical guide
logfiles
logging
security
The remaining group of systems whose logfiles are likely to be of interest is servers. Whilst logs from clients and intermediaries will usually indicate attacks against other sites, logs from servers will normally be used to detect attacks, or attempted attacks, either on the servers themselves or on other local systems. Public servers such as web or mail systems are likely to be the most exposed to hostile activity on the Internet so these should always be configured to keep good and secure logs.
Read more

Examples

Anonymous
Thursday, February 16, 2012 - 07:35
logfiles
logging
security
technical guide
The following examples show some of the types of information that are available to the victims of computer misuse. Real examples have been used with names and addresses modified to protect the sites involved. These are typical of the evidence that may be sent to a site to complain about the activities of its users. In each case the receiving site will need to use additional logs relating to its clients and intermediaries to understand and investigate the origin of the misuse.
Read more

Tracing misuse

Anonymous
Thursday, February 16, 2012 - 07:34
security
logfiles
logging
technical guide
Clients
Read more

Using logfiles

Anonymous
Thursday, February 16, 2012 - 07:34
logfiles
logging
security
technical guide
Privacy and Legal Issues
Read more

Motivation for logfiles

Anonymous
Thursday, February 16, 2012 - 07:33
logfiles
logging
security
technical guide
Without collecting and analysing logfiles, it is impossible to know what is happening on a computer system or service. There will be no indication of faults and misuse and when they finally result in complaints from users, there will be no evidence to show the cause of the problem or how it can be cured. Failure to keep logfiles therefore leads rapidly to an unreliable system on which users will naturally be unwilling to rely for any critical function. Reliable systems can only be achieved if their performance is recorded and action taken to prevent or remedy problems.
Read more

Logfiles Technical Guide

Anonymous
Thursday, February 16, 2012 - 07:24
technical guide
security
logfiles
logging
GD/JANET/TECH/008 (10/10)
Read more