[39344] in Kerberos

home help back first fref pref prev next nref lref last post

RE: Protocol benchmarking / auditing inquiry

daemon@ATHENA.MIT.EDU (Brent Kimberley via Kerberos)
Wed Feb 14 12:48:05 2024

To: "kerberos@mit.edu" <kerberos@mit.edu>
Date: Wed, 14 Feb 2024 17:46:48 +0000
Message-ID: <YT1PR01MB418752C508C40187D7D88BC8FA4E2@YT1PR01MB4187.CANPRD01.PROD.OUTLOOK.COM>
In-Reply-To: <YT1PR01MB4187CA8C93DE6AC8560FB1BCFA4E2@YT1PR01MB4187.CANPRD01.PROD.OUTLOOK.COM>
Content-Language: en-US
MIME-Version: 1.0
From: Brent Kimberley via Kerberos <kerberos@mit.edu>
Reply-To: Brent Kimberley <Brent.Kimberley@Durham.ca>
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit

Preferably something smaller and more focused than nmap or OpenSCAP. 😉

From: Brent Kimberley
Sent: Wednesday, February 14, 2024 12:44 PM
To: kerberos@mit.edu
Subject: Protocol benchmarking / auditing inquiry

Hi.
Can anyone point me to some methods to benchmark and/or audit Kerberos v5?

For example, SSH:
               Manual
                              Read the RFCs and specs.
              Semi-automatic.
                              jtesta/ssh-audit: SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc) (github.com)<https://github.com/jtesta/ssh-audit/>
               Automatic
                              SSH Configuration Auditor (ssh-audit.com)<https://www.ssh-audit.com/>


TLS example upon request.

THIS MESSAGE IS FOR THE USE OF THE INTENDED RECIPIENT(S) ONLY AND MAY CONTAIN INFORMATION THAT IS PRIVILEGED, PROPRIETARY, CONFIDENTIAL, AND/OR EXEMPT FROM DISCLOSURE UNDER ANY RELEVANT PRIVACY LEGISLATION. No rights to any privilege have been waived. If you are not the intended recipient, you are hereby notified that any review, re-transmission, dissemination, distribution, copying, conversion to hard copy, taking of action in reliance on or other use of this communication is strictly prohibited. If you are not the intended recipient and have received this message in error, please notify me by return e-mail and delete or destroy all copies of this message.
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
home help back first fref pref prev next nref lref last post