Auditing Feature in Kerberos
Henry B. Hotz
hotz at jpl.nasa.gov
Mon Jan 23 19:03:29 EST 2006
What do you want to audit?
If you log the ticket life for each ticket issued then you can in
principle determine who had the rights to access something at a given
time. I'm not sure there is any more information to be had at the
KDC's.
On Jan 23, 2006, at 9:01 AM, krbdev-request at mit.edu wrote:
> Message: 1
> Date: Mon, 23 Jan 2006 04:15:12 -0700
> From: "K.G. Gokulavasan" <kgokulavasan at novell.com>
> Subject: Auditing Feature in Kerberos
> To: <krbdev at mit.edu>
> Message-ID: <43D50818020000F10000A116 at lucius.provo.novell.com>
> Content-Type: text/plain; charset=US-ASCII
>
> Hi,
> We are planning to implement auditing feature for kerberos. We would
> like to know whether anyone is already working on the auditing feature
> or any thoughts on how to go about it.
>
> Regards,
> Gokul.
------------------------------------------------------------------------
----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
More information about the krbdev
mailing list