[prev in list] [next in list] [prev in thread] [next in thread]
List: loganalysis
Subject: [logs] Re: [[logs] RE: log retention periods (fwd)]
From: Greg Dotoli <gdotoli () bizinfoservices ! com>
Date: 2002-01-29 5:00:34
[Download RAW message or body]
I will speak with someone today who has been doing log analysis and foren=
sics
for various fed and state agencies. I'm sure a best practice has evolved.=
=
Another important aspect to think about is media type. Some agenicies leg=
ally
want logs written to worm devices only. Although tampering may still be
possible, it proves more effective from the beginning.
Greg
Tina Bird <tbird@precision-guesswork.com> wrote:
On Fri, 28 Dec 2001 Bonny_Allen@doh.state.fl.us wrote:
> Hello Tina Bird:
> =
> I got your name and contact information from the LogAnalysis bulletin
board
> sponsored by Security Focus.
> =
> I'm researching computer network/system log retention periods -
specifically
> what length time periods are recommended
> to state agencies for retaining the following types of logs from their
> computer network system:
> =
> Internal
> Windows NT System Event logs
> Email records
> Internet Usage Monitoring Software
> Remote Access logs
> Network Edge routers
> Database transactional logs
> =
> External
> Firewall logs
> Intrusion detection software
> =
> The goal being to have these logs available should law enforcement need=
> them. Do you know of any such recommendations? =
> =
> Any information, references or contacts you can provide would be greatl=
y
> appreciated.
> =
> Bonny Allen
> Inspector Specialist
> Office of the Inspector General =
> Florida Department of Health =
> Phone (850) 245-4444 x 2151 SC 205-4444 x 2151
> Fax (850) 413-8985 Fax SC 293-8985
> Bonny_Allen@doh.state.fl.us =
> =
> =
> =
> =
---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribe@securityfocus.com
For additional commands, e-mail: loganalysis-help@securityfocus.com
---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribe@securityfocus.com
For additional commands, e-mail: loganalysis-help@securityfocus.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic