My machine been hacked, I need help
Cy Schubert
Cy.Schubert at komquats.com
Sat Jan 14 09:23:36 PST 2006
In message <200601141652.k0EGqStk006474 at ns3.safety.net>, les at safety.net
writes:
> > In message <200601141632.29709.doconnor at gsoft.com.au>, "Daniel O'Connor"
> > writes
> > Only evidence collected by a forensic analysis tool
> > is admissible in court.
>
> Not necessarily true. Log data that is routinely collected can be
> admissible. Though, log data that you collected starting when you
> suspected there was something amiss will not be.
That is true for logfiles, however Canadian law requires a filesystem
analysis tool. As little as fiveyears ago taking a DD dump of a device was
admissible but I've been told by the RCMP that a forensic analysis tool is
now required. I've been told that this is also true of US law. I'm not sure
about British or European law.
Unfortunately taking people to court over hacking is difficult but not
impossible. Police forces are becoming more receptive to the idea and tools
which have been admitted in court previously make the job of preparing a
successful case easier.
Cheers,
Cy Schubert <Cy.Schubert at komquats.com>
Web: http://www.komquats.com and http://www.bcbodybuilder.com
FreeBSD UNIX: <cy at FreeBSD.org> Web: http://www.FreeBSD.org
BC Government: <Cy.Schubert at gov.bc.ca>
"Lift long enough and I believe arrogance is replaced by
humility and fear by courage and selfishness by generosity
and rudeness by compassion and caring."
-- Dave Draper
More information about the freebsd-hackers
mailing list