Windows Security Logging and Other Esoterica

thoughts from the Windows auditing team

Browse by Tags

Tagged Content List
  • Blog Post: An interesting logging regulation that doesn't apply to Windows event logs...

    I was browsing around looking for logging regulations and stumbled across this. It's the United States' federal regulation on EDRs - Event Data Recorders - installed in automobiles. EDRs are little log engines, like the "black box" flight data recorders on commercial airliners. They are typically...
  • Blog Post: If you're gonna herd bots, do it from New Zealand!

    A judge in New Zealand declined to convict the admitted (guilty plea) botherder of a million-bot botnet, citing the negative consequences a conviction would have on the young man's future prospects. See the story here. Well duh. The whole theory of crime and punishment is that if you do something...
  • Blog Post: German court bans retention of logged IP addresses

    A German court has ruled that a government web site may not retain IP addresses and other personally identifiable information (PII) in their logs for any longer than the user is actually using the site. The judges pointed out that in many cases it was simple to map an IP address to an identity with...
  • Blog Post: Ensuring that there's no useful data in your logs...

    As I wrote about earlier, TorrentSpy, a file-sharing search engine, was ordered by a U.S. magistrate to enable logging on its servers and to subsequently make those logs available to the MPAA, the plaintiff in an illegal file-sharing lawsuit against TorrentSpy. They have lost their appeals and as a result...
  • Blog Post: United Kingdom passes EC telecom-logging legislation

    To comply with EC telecommunications logging directives (as other EU nations recently have), the UK has passed a law that starting October 1 telecommunications firms must generate and retain logs of landline and mobile communications for one year. http://www.out-law.com/page-8332 http://www.jisclegal...
  • Blog Post: Good List of Regulatory Requirements for Logging

    My friend Dr. Tina Bird has put together a good list of regulatory requirements that pertain to logging and log retention.
  • Blog Post: Draft law in Germany may force telcos & ISPs to gather logs; Gmail Germany may shut down as a result

    A draft law (English translation) being proposed in Germany to enforce the European Mandatory Data Retention Directive of 2006 would require telcos, ISPs, and email service providers to track and retain data necessary to trace and identify the source, destination, date, time, duration, type, and communication...
  • Blog Post: *Not* generating logs is not an option... when you're under subpoena

    Working as I do for a company that exists because of copyright, I'm not particularly sympathetic to TorrentSpy, a search engine company that is accused by the Motion Picture Association of America (MPAA) of helping to enable copyright infringement by making it easier to find content on the BitTorrent...
  • Blog Post: Auditing and the Payment Card Industry (PCI) Data Security Standard

    Here is a link to an interesting blog article interpreting the audit requirement of the PCI standard. For reference, here is a link (pdf) to the PCI 1.1 Data Security Standard itself. The high-level PCI requirements are listed below. Requirement 10 is the requirement pertaining to audit...
  • Blog Post: Logs and the US Department of Justice Cybercrime Manual

    Source: http://www.usdoj.gov/criminal/cybercrime/s&smanual2002.htm Here is the most relevant excerpt; highlighting is mine. Records of regularly conducted activity. A memorandum, report, record, or data compilation, in any form, of acts, events, conditions, opinions, or diagnoses, made at...
  • Blog Post: Logs and the Canadian Rules for Electronic Evidence

    Source: http://laws.justice.gc.ca/en/c-5/232082.html, 8/31/2006 Here are two excerpts from the Canadian national laws pertaining to the introduction of business records and electronic records as evidence in courts of law. Business Records Inference where information...