[logs] Log Policy

Greg Vickers g.vickers at qut.edu.au
Thu Jan 31 19:04:17 PST 2008


Hi Anton,

Anton Chuvakin wrote:
>> If you know of a good resource, or tips on writing such a policy, please
>> let me know :)
> 
> Actually, let's create this resource right here on the list out of
> responses (mine is coming later)
> 
> This would be extremely useful for many people.

Excellent idea - here is a list of resources I have gathered so far:
- Courtesy of Russell from University of Auckland:
     http://auckland.ac.nz/security/LoggingStrategy.htm
- University of NSW courtesy of JFGI:
     http://www.maths.unsw.edu.au/computing/complogs.html
- I have sent an inquiry to the CAUDIT group (http://www.caudit.edu.au) 
via Neil Thelander, IT Director of QUT
- I would like to get a hold of "Practical Unix & Internet Security, 3rd 
Edition (Feb 2003)" which has a part of chapter 21 dedicated to 
"Designing a Site-Wide Log Policy" (anyone got a copy? :p)

Themes that I am including so far:
* Scope
* Mitigation of Risk
* Why
* Retention period

I have contacted the Australian Minister of Education as well as the 
Office of the Privacy Commissioner to request any information they may have.

More to follow.

-- 
Greg Vickers
IT Security Engineer & Project Manager
IT Security, Network Services,
Information Technology Services
Queensland University of Technology
L12, 126 Margaret St, Brisbane
Queensland, Australia

Phone: +61 7 3138 6902
Mobile: 0410 434 734
Fax: +61 7 3138 2921
Email: g.vickers at qut.edu.au
IT Security web site: http://www.its.qut.edu.au/itsecurity/

CRICOS No. 00213J

