Dalarna University's logo and link to the university's website

du.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • chicago-author-date
  • chicago-note-bibliography
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Laws, Logs and Forensic Traceability: Case Study: Windows server applications (firewall, webserver, exchange server)
Dalarna University, School of Technology and Business Studies, Computer Engineering.
2016 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

The thesis has investigated the problem of information logging and storage from a forensic standpoint; and the study has been carried out towards a company which cannot be named for confidential reasons. what information should be logged and what has to be logged according to the Swedish law, and for how long time should the logs be saved. The problem here is to find out what in general should be saved into a log file so it can be applied to as many systems as possible. The thesis has also investigated when to do a forensic investigation and what to log in Microsoft server environment (webserver, firewall and exchange server).

I intend to solve the problem by describing what needs to be saved in general and find out if there is a law that demands information to be logged. I intend to find out what needs to be saved from a forensic point of view. I am going to find out what should be logged on Microsoft server applications: webserver, firewall and exchange server.

The method used to solve the problem was with practical study and literature study. Practical study where made on a Microsoft server 2012 on webserver, firewall and exchange server where I looked at the log files and what information that were saved to them.

The report finds out what should be saved in a log file from a forensic point of view and what needs to be saved according to Swedish law. The report finds how long time the log files have to be saved. The report finds when to do a forensic investigation and what to investigate.

Place, publisher, year, edition, pages
2016.
Keywords [en]
Forensic investigation, log files, exchange server, webserver, firewall, PUL, integrity of log files.
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:du-21805OAI: oai:DiVA.org:du-21805DiVA, id: diva2:940462
Available from: 2016-06-21 Created: 2016-06-21 Last updated: 2018-01-10

Open Access in DiVA

No full text in DiVA

By organisation
Computer Engineering
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 306 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • chicago-author-date
  • chicago-note-bibliography
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf