Nmap Announce mailing list archives
decoy traffic and legal admissibility of logs in court
From: Ken Williams <jkwilli2 () unity ncsu edu>
Date: Sat, 10 Apr 1999 16:07:25 -0400 (EDT)
during conversation recently about some network hacks in which a number of machines were compromised, and while i was going through logs of several machines that have been compromised on a couple of different networks that i admin, an interesting legal issue regarding decoy traffic came up. after analysis of logs, it has become clear that some of the traffic can definitely be attributed to decoys/spoofing. consequently, the question of the validity of system logs and the legal admissibility of logs in court, in general, has arisen. the recent issue regarding Linux kernels <= 2.0.35 and blind tcp spoofing figures into the equation too now, especially with the release of the receive.c and lin35.c spoof code. thoughts? comments? suggestions? flames? take it easy, Ken Williams jkwilli2 () csc ncsu edu Packet Storm Security http://packetstorm.genocide2600.com/ Trinux: Linux Security Toolkit http://www.trinux.org/ ftp://ftp.trinux.org PGP DH/DSS/RSA Public Keys http://packetstorm.genocide2600.com/pgpkey/ NCSU Computer Science http://www.csc.ncsu.edu/ jkwilli2 () csc ncsu edu SHANG: Secure Highly Available Networking Group http://shang.csc.ncsu.edu/
Current thread:
- decoy traffic and legal admissibility of logs in court Ken Williams (Apr 10)
- Re: decoy traffic and legal admissibility of logs in court Sebastian (Apr 10)
- Re: decoy traffic and legal admissibility of logs in court Andreas Bogk (Apr 11)
- Re: decoy traffic and legal admissibility of logs in court David Pick (Apr 10)
- Re: decoy traffic and legal admissibility of logs in court Adam Shostack (Apr 10)
- Re: decoy traffic and legal admissibility of logs in court Ron Hale (Apr 12)
- Re: decoy traffic and legal admissibility of logs in court Philip Ehrens (Apr 12)
- <Possible follow-ups>
- RE: decoy traffic and legal admissibility of logs in court Meritt, Jim (Apr 12)
- Re: decoy traffic and legal admissibility of logs in court Sebastian (Apr 10)