Security Basics mailing list archives
RE: Admin password management
From: "Cisternas Marquez, Gonzalo" <gcisternas () cientec com>
Date: Wed, 20 May 2009 14:58:09 -0400
Maybe you can consider One Time Password? Or any other centralized scheme for several servers' password management.

Regards,
G.C.

+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
|                          _  |
| ASCII ribbon campaign   ( ) |
| - against HTML e-mail    X  |
|                         / \ |
|                             |
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+

-----Original message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On behalf of mamo
Sent: Wednesday, May 20, 2009 8:48
To: security-basics () securityfocus com
Subject: Admin password management

Hi all.

I am responsible for the security of a small ISP. I need to manage the admin passwords of all the machines of the ISP (around 200 systems, mainly with Linux, Windows and Solaris OS). By admin user I mean stuff like root, oracle, Oracle sys, MSSQL SA, BEA admin password etc.

We have a policy that requires users to authenticate with nominal username/password (and sudo on UN*X), but there are situations where accessing with the admin password is required, and it is not acceptable to share the password with the whole group that works on IT Assurance activity.

I would like to have a product that:
- Logs who takes what password
- Logs who changes the password
- Permits generating a new random password
- Has a "decent" security
- Permits profiling who can see what password (it is not mandatory)
- Permits adding a note to the activity (why the user had the need to take the admin password)

I am looking for a product that will be used by around 50-100 people that manage the ISP (not like KeePass or Password Safe, where the user has the encrypted db with all the passwords on the PC).

I would appreciate being able to do this activity with an Open Source product, but I can also evaluate commercial products.

Do you have any experience to share of products that match my description?

Thank you.
Mamo

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute
Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff!
http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------
Current thread:
- Admin password management mamo (May 20)
- RE: Admin password management Cornwell, Kay (NIH/NIGMS) [E] (May 21)
- RE: Admin password management Cisternas Marquez, Gonzalo (May 21)
- Re: Admin password management Aarón Mizrachi (May 21)
- <Possible follow-ups>
- Re: Admin password management grady (May 21)
- Re: Admin password management Zhihao Tan (May 22)
- RE: Admin password management Valentin Fernandez Bolland (May 22)
- Re: Admin password management Zhihao Tan (May 22)