
Collecting Evidence

Your log files are the best evidence you can collect to track attacks against your system, and to use for prosecution on the off chance that you get authorities to track, capture, and prosecute an attacker. That may sound as if no one cares about your computer, but the reality of home system compromise is that no government agency cares enough to help you. It's up to you to protect yourself and stop the attackers. Given that, you probably don't have to worry much about collecting evidence of an attack for legal prosecution, but you should know the basics of collecting evidence the way corporations do for prosecution.

Collecting all log traffic and attack signatures is a time-consuming and tedious process. You have to save all the data to some form of backup media and be thorough over a lengthy period of time for the evidence to be worthwhile. The main reason you as a home user should collect evidence of attacks is to educate yourself about how people view your presence on the Internet. By educating yourself about attacks, you can prevent future attacks and modify your firewall filter rules to protect yourself. If you know where you are potentially vulnerable, you can fix holes before they become a real problem. Watching what happens in your evidence logs will help you determine the current flavor of attacks that are being used.

