Library items tagged: security

Anonymous
GD/JANET/TECH/001 (13/04)
Anonymous
This document has dealt only with the logs that can be recorded by individual computers and other systems. A great deal of useful information and early warnings can also be obtained by looking at computers and networks in combination. Any organisation that is concerned to protect its own systems and reputation should also be developing systems to monitor these systems. Two examples are given below of what can, and should, be done.
Anonymous
The ways to enable and configure logging will vary from one computer and software system to another, and should be covered in the system documentation. This section cannot deal with such detailed instructions, but identifies a number of common topics that have been found to be useful in many different circumstances.
Anonymous
The remaining group of systems whose logfiles are likely to be of interest is servers. Whilst logs from clients and intermediaries will usually indicate attacks against other sites, logs from servers will normally be used to detect attacks, or attempted attacks, either on the servers themselves or on other local systems. Public servers such as web or mail systems are likely to be the most exposed to hostile activity on the Internet so these should always be configured to keep good and secure logs.
Anonymous
The following examples show some of the types of information that are available to the victims of computer misuse. Real examples have been used with names and addresses modified to protect the sites involved. These are typical of the evidence that may be sent to a site to complain about the activities of its users. In each case the receiving site will need to use additional logs relating to its clients and intermediaries to understand and investigate the origin of the misuse.
Anonymous
Clients
Anonymous
Privacy and Legal Issues
Anonymous
Without collecting and analysing logfiles, it is impossible to know what is happening on a computer system or service. There will be no indication of faults and misuse and when they finally result in complaints from users, there will be no evidence to show the cause of the problem or how it can be cured. Failure to keep logfiles therefore leads rapidly to an unreliable system on which users will naturally be unwilling to rely for any critical function. Reliable systems can only be achieved if their performance is recorded and action taken to prevent or remedy problems.
Anonymous
This content can now be found at https://www.jisc.ac.uk/guides/networking-computers-and-the-law
Anonymous
GD/JANET/TECH/008 (10/10)