[39357] in Kerberos
Re: Protocol benchmarking / auditing inquiry
daemon@ATHENA.MIT.EDU (pyllyukko)
Thu Feb 29 07:07:12 2024
Date: Thu, 29 Feb 2024 14:06:38 +0200
From: pyllyukko <pyllyukko@maimed.org>
To: kerberos@mit.edu
Message-ID: <ZeBzTm8Rj0-s477A@maimed.org>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <YT1PR01MB4187CA8C93DE6AC8560FB1BCFA4E2@YT1PR01MB4187.CANPRD01.PROD.OUTLOOK.COM>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Ehlo.
On Wed, Feb 14, 2024 at 05:43:47PM +0000, Brent Kimberley via Kerberos wrote:
> Can anyone point me to some methods to benchmark and/or audit Kerberos v5?
A short while ago I submitted a PR[1] for the Lynis project that does
something like that. I also started documenting some of my own Kerberos
hardening stuff here[2].
Disclaimer: I'm quite new to Kerberos, so I might be off with some of
the hardenings, so all additional pointers/corrections are more than
welcome.
[1] https://github.com/CISOfy/lynis/pull/1456
[2] https://github.com/pyllyukko/harden.yml/wiki/Kerberos_hardening_and_maintenance
--
pyllyukko
email: <pyllyukko@maimed.org>
PGP: https://keybase.io/pyllyukko
twitter: https://twitter.com/pyllyukko
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
