Log Sanitization Security Protocols?

EnthusiastXYZ

Limp Gawd
Joined
Jun 26, 2020
Messages
221
What are common log sanitization security protocols and procedures? For example, if I want to post my Wireshark log for someone on forums to examine or send a tip to law enforcement or reporters, which parts of the log should I sanitize to prevent identification of my network topology, location, ISP, and other private information, without compromising log data needed to perform the needed analysis?
 
What are common log sanitization security protocols and procedures? For example, if I want to post my Wireshark log for someone on forums to examine or send a tip to law enforcement or reporters, which parts of the log should I sanitize to prevent identification of my network topology, location, ISP, and other private information, without compromising log data needed to perform the needed analysis?
IP and MAC replacement identifiers for a start. I don't really know of anything else you might need to be paranoid about. Unless you're doing something really odd with your topology, there won't be any surprises.

The problem is with the encapsulated application data; with luck it's encrypted, but that also means you don't know what it's saying either. Does it have identifying information? Can the agency you're sending it to decrypt it? No way of really knowing. You could blank the application data in each packet, but that might interfere with what you're trying to do.
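
The IP and MAC replacement described in the reply above, as an added example that is not part of either post: each distinct address gets a stable stand-in, so conversations can still be followed after sanitizing. It assumes the capture was exported from Wireshark as plain text; the class, function and sample lines are constructed for illustration.

```python
import ipaddress
import re

# Assumption: the capture was exported as plain text, one packet per line.
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
MAC_RE = re.compile(r"\b(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}\b")
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
KEEP = {"0.0.0.0", "255.255.255.255", "ff:ff:ff:ff:ff:ff"}  # unspecified/broadcast: no identity

class Pseudonymizer:
    """Swap each distinct address for a stable stand-in so flows stay traceable."""
    def __init__(self):
        self.ip_map, self.mac_map = {}, {}  # real -> stand-in; never publish these

    def _ip(self, m):
        text = m.group(0)
        try:
            addr = ipaddress.IPv4Address(text)
        except ValueError:
            return text  # dotted number that is not a valid address
        if text in KEEP or addr.is_loopback or addr.is_multicast:
            return text
        if text not in self.ip_map:
            prefix = "10.0" if any(addr in net for net in RFC1918) else "198.18"  # LAN vs. outside
            n = sum(v.startswith(prefix + ".") for v in self.ip_map.values()) + 1
            self.ip_map[text] = f"{prefix}.{n >> 8 & 255}.{n & 255}"
        return self.ip_map[text]

    def _mac(self, m):
        key = m.group(0).lower().replace("-", ":")
        if key in KEEP:
            return m.group(0)
        if key not in self.mac_map:
            n = len(self.mac_map) + 1  # locally administered prefix hides the vendor OUI
            self.mac_map[key] = f"02:00:00:00:{n >> 8 & 255:02x}:{n & 255:02x}"
        return self.mac_map[key]

    def line(self, text):
        return IPV4_RE.sub(self._ip, MAC_RE.sub(self._mac, text))

# Constructed sample lines, not taken from a real capture.
SAMPLE = [
    "1 0.000000 192.168.1.10 -> 203.0.113.7 TCP 74 51514 -> 443 [SYN]",
    "2 0.031200 203.0.113.7 -> 192.168.1.10 TCP 74 443 -> 51514 [SYN, ACK]",
    "3 1.200000 a4:5e:60:12:34:56 -> ff:ff:ff:ff:ff:ff ARP 42 Who has 192.168.1.1? Tell 192.168.1.10",
]
def sanitize(lines):
    p = Pseudonymizer()
    return [p.line(l) for l in lines], p
```

The `ip_map` and `mac_map` tables reverse the substitution, so they stay with the person who made the capture. Only addresses are rewritten; hostnames and other identifiers inside the application data (DNS names, TLS SNI and the like) are untouched, which is the problem the reply raises.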
 