Results 1 to 3 of 3

Thread: LIES!!!!!!!!! All Lies!

Hybrid View

  1. #1
    JayZie NNTP User

  2. #2
    craig wilson NNTP User

    Re: LIES!!!!!!!!! All Lies!

    Rule #1 of a Forensic Investigator, actually learn what the logs show.

    The logs were 100% accurate but did not contain the data that you
    wanted, which would not have been very valid anyway.

    The fact the bytes are unchanged does not indicate the content has not
    changed.

    The logs actually show the more useful data of the amount of data being
    transferred.

    If you want to make sure the "Source" is unchanged, dont look in log
    files for the byte size of files, run frequent MD5 checks on the source
    files.

    I'm guessing this article is because he did a faulty job someplace where
    he made faulty assumptions about what the data in the log showed and is
    now trying to defend his own mistakes.



    On 7/10/2012 9:06 AM, JayZie wrote:
    > http://blog.spiderlabs.com/2012/07/how_much_data.html



    --
    Craig Wilson - MCNE, MCSE, CCNA
    Novell Knowledge Partner

    Novell does not officially monitor these forums.

    Suggestions/Opinions/Statements made by me are solely my own.
    These thoughts may not be shared by either Novell or any rational human.



  3. #3
    unsigned NNTP User

    Re: LIES!!!!!!!!! All Lies!

    That's really not the mystery they made it out to be... I'm no forensic
    investigator, apache ninja or an ip flow wizard and I new right away the
    larger byte number was with header data.

    I mean, comeon', computers don't make stuff up.

    Well, not Linux ones anyway.



    On 7/10/2012 8:06 AM, JayZie wrote:
    > http://blog.spiderlabs.com/2012/07/how_much_data.html




Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •