Security Basics mailing list archives
RE: Password management System
From: "Erin Carroll" <amoeba () amoebazone com>
Date: Fri, 26 Mar 2010 13:25:07 -0700
You don't say whether this is only for Unix/Linux or if you also need it to handle Windows or if you need an Enterprise-type tool. You could look into Cyber-Ark's Password Vault and related PIM suite tools. They'll handle pretty much any OS along with firewalls, DB's app suites etc. They're not cheap but it will store, manage, and audit and log for all the requirements you list below. -- Erin Carroll Moderator, SecurityFocus pen-test mailing list "Do Not Taunt Happy-Fun Ball"
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Marc-André Laverdière Sent: Wednesday, March 24, 2010 7:20 PM To: Gichuki John Chuksjonia Cc: security-basics () securityfocus com Subject: Re: Password management System I never saw that kind of requirement before. But I think you could use sudo's ability to group things and use that for your access levels. Marc-André LAVERDIÈRE "Perseverance must finish its work so that you may be mature and complete, not lacking anything." -James 1:4 mlaverd.theunixplace.com/blog /"\ \ / ASCII Ribbon Campaign X against HTML e-mail / \ 2010/3/23 Gichuki John Chuksjonia <chuksjonia () gmail com>:Hi guys. Please help on this, been researching but is still wonna hear youideas.Am looking for a secure Password Management System that can work on Unix or Even Linux systems. I wonder if there is any system as above that has several levels of Security. E.g a system password has a higher level, firewall passwords to be more higher, and maybe webapp passwords more lower level etc. Also has info on who to log into each level and if someone tried to bypass to jump to another profile. Any ideas? Regards, ./Chuks -- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosigmer () inbox com {FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/ ------------------------------------------------------------------------Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needsan SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be44 2f727d1----------------------------------------------------------------------------------------------------------------------------------------------- - Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be44 2f727d1 ----------------------------------------------------------------------- -
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Password management System, (continued)
- Re: Password management System Marc-André Laverdière (Mar 26)
- Password alternatives WALI (Mar 29)
- RE: Password alternatives David Gillett (Mar 30)
- Re: Password alternatives Adam Mooz (Mar 30)
- Message not available
- Fwd: Password alternatives Kurt Buff (Mar 30)
- Re: Password alternatives John Morrison (Mar 30)
- Re: Password alternatives Ansgar Wiechers (Mar 31)
- Re: Password alternatives Brent Gardner (Mar 31)
- Password alternatives WALI (Mar 29)
- Re: Password management System Marc-André Laverdière (Mar 26)
- Re: Password alternatives Yousef Syed (Mar 31)
- Re: Password management System Lim Hock Leong (Mar 30)