Auditing Feature in Kerberos
K.G. Gokulavasan
kgokulavasan at novell.com
Tue Jan 24 06:57:50 EST 2006
Hi,
We want to audit the tickets issued(authentication) and the password
management(Set/Change Password). Additionally we can consider auditing
the ticket lifetime also.
Regards,
Gokul.
>>> "Henry B. Hotz" <hotz at jpl.nasa.gov> 1/24/06 5:33 AM >>>
What do you want to audit?
If you log the ticket life for each ticket issued then you can in
principle determine who had the rights to access something at a given
time. I'm not sure there is any more information to be had at the
KDC's.
On Jan 23, 2006, at 9:01 AM, krbdev-request at mit.edu wrote:
> Message: 1
> Date: Mon, 23 Jan 2006 04:15:12 -0700
> From: "K.G. Gokulavasan" <kgokulavasan at novell.com>
> Subject: Auditing Feature in Kerberos
> To: <krbdev at mit.edu>
> Message-ID: <43D50818020000F10000A116 at lucius.provo.novell.com>
> Content-Type: text/plain; charset=US-ASCII
>
> Hi,
> We are planning to implement auditing feature for kerberos. We
would
> like to know whether anyone is already working on the auditing
feature
> or any thoughts on how to go about it.
>
> Regards,
> Gokul.
------------------------------------------------------------------------
----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
More information about the krbdev
mailing list