Security Basics mailing list archives
RE: User account auditing
From: "Andrew Shore" <andrew.shore () holistecs com>
Date: Tue, 19 Apr 2005 16:55:20 +0100
John, In my experience it's very simple, in the real world you probably don't. There are a number of products available on the market for single sign on and centralised authentication protocols such as RADIUS but in most organisations these are still not fully implemented or implement able. Another issues is application authentication, many Windows based applications are now active directory enabled but most are not. Each administrator should keep a list of who has access to what at what level but usually this does not happen. It's a very interesting can of worms you have opened and I'd be interested to follow this thread myself:) HTH Andy -----Original Message----- From: John Madden [mailto:chiwawa999 () yahoo com] Sent: 18 April 2005 20:28 To: security-basics () securityfocus com Subject: User account auditing Hi, With multiple platforms like Windows, Linux, As400, Unix etc. How do you manage and verify accounts on these systems ? Do you have all admins send a monthly report on the accounts present, last time account was utilized etc. ? This would also have to be done for database like Oracle, SQL, SYBASE... I would appreciate your comments/suggestions/experience in the matter. Thank you in advance. __________________________________ Do you Yahoo!? Plan great trips with Yahoo! Travel: Now over 17,000 guides! http://travel.yahoo.com/p-travelguide
Current thread:
- User account auditing John Madden (Apr 18)
- <Possible follow-ups>
- Re: User account auditing H Carvey (Apr 19)
- RE: User account auditing Andrew Shore (Apr 19)
- Re: User account auditing John Blackley (Apr 19)