From: les@safety.net
To: Cy Schubert
Cc: anchor, freebsd-hackers@freebsd.org
Date: Sat, 14 Jan 2006 09:52:28 -0700 (MST)
Subject: Re: My machine been hacked, I need help
Message-Id: <200601141652.k0EGqStk006474@ns3.safety.net>
In-Reply-To: <200601141619.k0EGJqN6091994@cwsys.cwsent.com>
Reply-To: les@safety.net
List-Id: Technical Discussions relating to FreeBSD

> In message <200601141632.29709.doconnor@gsoft.com.au>, "Daniel O'Connor"
> writes
> Only evidence collected by a forensic analysis tool
> is admissible in court.

Not necessarily true. Log data that is routinely collected can be
admissible. Though, log data that you collected starting when you
suspected there was something amiss will not be.

-Les

--
Les Biffle CISSP Information Systems Security Consultant
(480) 585-4099 les@safety.net http://www.les.biffle.org/
Network Safety, PO Box 14461, Scottsdale, AZ 85267