Forensics
AS400 logs help Jul 13 2007 09:45PM
Fernando Diego Daffara (fernandodaffara epicsoft com ar) (4 replies)
RE: AS400 logs help Jul 17 2007 04:24PM
Shannon.ONeil (Shannon ONeil target com)
Google, Google, Google!!

My search, "AS400" security events login auditing -microsoft
+inurl:ibm

yielded this document;

http://www.auditnet.org/docs/AS400Security.doc

at --> someone else's <-- website. It's not my doc, I can't give
permission for use, but it's out there for the world to read.

I don't know much of anything regarding the AS400, but I learned a lot
about auditing commands from sections K3 and K8.

With your situation, I certainly hope the sysadmin is on your side. If
he or she is a possible adversary, stop NOW and bring in IBM to assist
with the analysis.

Shannon O'Neil, CISSP

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
On Behalf Of Fernando Diego Daffara
Sent: Friday, July 13, 2007 4:46 PM
To: forensics (at) securityfocus (dot) com [email concealed]
Subject: AS400 logs help

Hi, I could use some (all) help! I have to make a forensics analysis of
the
AS400 login/logoff logs records. But i don't have any idea about where
to
start looking! :-(

AS400 is another world! Could someone get my an idea about how to start
looking, some web links, etc?

I will be able to ask to the AS400 administrator for the data, but I
want to
go witch some idea about AS400 logs, how to look it, where they are, how
long do they are maintained?

Thanks in advance and I'm really shamed because of my English!

Fernando.

Argentina

[ reply ]
Re: AS400 logs help Jul 17 2007 02:43AM
Michael Sorbera (msorbera satx rr com)
Re: AS400 logs help Jul 17 2007 01:32AM
xelerated (xelerated gmail com)
Re: AS400 logs help Jul 17 2007 12:39AM
Esteban Farao (efarao gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus