Library items tagged:

Implementation

Anonymous
Thursday, February 16, 2012 - 07:36
logfiles
logging
security
technical guide
The ways to enable and configure logging will vary from one computer and software system to another, and should be covered in the system documentation. This section cannot deal with such detailed instructions, but identifies a number of common topics that have been found to be useful in many different circumstances.
Read more

Identifying attacks

Anonymous
Thursday, February 16, 2012 - 07:35
technical guide
logfiles
logging
security
The remaining group of systems whose logfiles are likely to be of interest is servers. Whilst logs from clients and intermediaries will usually indicate attacks against other sites, logs from servers will normally be used to detect attacks, or attempted attacks, either on the servers themselves or on other local systems. Public servers such as web or mail systems are likely to be the most exposed to hostile activity on the Internet so these should always be configured to keep good and secure logs.
Read more

Examples

Anonymous
Thursday, February 16, 2012 - 07:35
logfiles
logging
security
technical guide
The following examples show some of the types of information that are available to the victims of computer misuse. Real examples have been used with names and addresses modified to protect the sites involved. These are typical of the evidence that may be sent to a site to complain about the activities of its users. In each case the receiving site will need to use additional logs relating to its clients and intermediaries to understand and investigate the origin of the misuse.
Read more

Tracing misuse

Anonymous
Thursday, February 16, 2012 - 07:34
security
logfiles
logging
technical guide
Clients
Read more

Using logfiles

Anonymous
Thursday, February 16, 2012 - 07:34
logfiles
logging
security
technical guide
Privacy and Legal Issues
Read more

Motivation for logfiles

Anonymous
Thursday, February 16, 2012 - 07:33
logfiles
logging
security
technical guide
Without collecting and analysing logfiles, it is impossible to know what is happening on a computer system or service. There will be no indication of faults and misuse and when they finally result in complaints from users, there will be no evidence to show the cause of the problem or how it can be cured. Failure to keep logfiles therefore leads rapidly to an unreliable system on which users will naturally be unwilling to rely for any critical function. Reliable systems can only be achieved if their performance is recorded and action taken to prevent or remedy problems.
Read more

Investigating copyright complaints

Anonymous
Thursday, February 16, 2012 - 07:28
copyright
copyright complaints
factsheet
investigating
security
This content can now be found at https://www.jisc.ac.uk/guides/networking-computers-and-the-law
Read more

Logfiles Technical Guide

Anonymous
Thursday, February 16, 2012 - 07:24
technical guide
security
logfiles
logging
GD/JANET/TECH/008 (10/10)
Read more

Unusual traffic

Anonymous
Wednesday, February 15, 2012 - 20:31
factsheet
security
unusual traffic
PB/INFO/028 (10/05) On most network access links the traffic flowing in and out shows a similar pattern. Most communications consist of a request going in one direction and a response coming back in the other. The size of the request and response may be different but the pattern of traffic in time should be roughly similar. However, sometimes the inbound and outbound patterns are completely different. This often indicates that there is a security problem somewhere on the network that needs urgent attention.
Read more

Securing networked computers

Anonymous
Wednesday, February 15, 2012 - 20:24
security
network
networked computers
factsheet
PB/INFO/022 (05/07) The role of a computer network should, in its simplest terms, be to carry commands and information from client software running on one computer to server software running on another computer, and to return information in response to those commands. Servers can be divided into two types: those that are freely available to any client and those where access is restricted by some test such as a password, a certificate or an IP address. In an ideal world this would be all the security that was needed: however, this ideal fails in reality for two reasons.
Read more