[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Windows Time Synchronization - Best Practices



On Tue, 2004-10-19 at 11:22, Richard Stevens wrote:
> Why FD? What is the direct security implications of this?
>  
> I'm sure someone can construct a rather tenuous link, but really....


All forensics requires a time line or time reference so the separate
pieces of forensic data can be assembled in the order they happened. 
Otherwise, each data point cannot be related to the others. Data is 
often gathered from multiple devices. Security and time are very much
related.

I would suggest NTP and using GMT.

-- 
James H. Edwards
Routing and Security Administrator
At the Santa Fe Office: Internet at Cyber Mesa
jamesh@xxxxxxxxxxxxx
noc@xxxxxxxxxxxxx
(505) 795-7101

Attachment: signature.asc
Description: This is a digitally signed message part