Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: [inbox] Re: Reacting to a server compromise

From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Wed, 6 Aug 2003 21:07:46 +1200



-----Original Message-----
From: full-disclosure-admin () lists netsys com 
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of 
Curt Purdy
Sent: Wednesday, 6 August 2003 1:28 p.m.
To: 'Michal Zalewski'
Cc: 'Jennifer Bradley'; full-disclosure () lists netsys com
Subject: RE: [inbox] Re: [Full-disclosure] Reacting to a 
server compromise


The key here is to have the paper handled by only one person and witnessed
by another and the access to that paper by only that person.  Therefore

the

validity of the printouts are as sound as that person.  As long as that
person can not be repudiated, neither can the printouts.

That is also applicable to the optical media we now use, with one person
responsible for handling and storage with a reliable witness.


Yep, (warning: IANAL), logs are usually categorized as hearsay evidence (3rd
party) - meaning they are not generally admissible in court, because you
can't prove they are accurate and reliable.
But, if you take additional steps, there are exceptions for hearsay
evidence: if logs are made during the regular conduct of business and
authenticated by witness familiar with their use, they can be admissible.

Regards,

Bojan Zdrnja

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: