hi ya alessandro
On Wednesday 14 December 2005 17:46, Saqib Ali wrote:
http://news.bbc.co.uk/2/hi/europe/4527840.stm
The EU have ratified rules that will force ISP's and other
telecommunication companies to retain data for two years.
To whom it may concern.
Since this summer, Italian legislation requires carriers and ISPs to
retain traffic LOGs at least for four years, therefore anticipating
and exceeding EU rules.
On the practical side, especially smaller ISPs are moaning about
investments required to comply (while storage vendors are quite
happy...).
i like it ... i think logs are good, if they are recorded and saved properly
logs are bad ... it takes up disk space and can trvially modified
to make it look like its in their favor instead the other side
- we have logs going back to the first day the machine or site went online
which in some cases is over 5yrs, when we decided to save log files
logs should be time stamped and gpg signed to minimize tampering
worst still, what if they admins turn off all logging on the machines
so there is zero-ized log files ... silly admins forgot to check that
syslogd is running or other that /var/log exists
/var/log typically get moved to a remote loghost .. that may or
may not be writable by that host
c ya
alvin
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfoc_ml
----------------------------------------------------------------------------
