Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

pen-test logo Penetration Testing mailing list archives

Re: Linux/Windows Authentication?
From: Phil Wallisch <philip.wallisch () neustar biz>
Date: Fri, 27 Feb 2004 13:58:00 -0500
Try a product called Siteminder by Netegrity.  Most of the
implementations I've seen used username/passwd to generate a cookie in
the client's browser.  I did see that you could use X.509 certs though.

I will say I don't understand your reasons for no passwords.  

On Thu, 2004-02-26 at 10:40, MARTIN M. Bénoni wrote:

Hi list!

I am looking forward to know if there is a way to meet this following 
requirement:

We are setting up an Intranet. On it, each department will be allowed to = 
access a part of the server, for example HR Department will be allowed = to 
access just http://intranet/HR, Financial Department will just be = allowed 
to access to http://intranet/Finance, and so on. As they are = no-IT people, 
we would be looking for a transparent way to authenticate = them and to 
block someone from one department to access a file from = another 
department. User/password may be tough to set up as they will = have to 
remember them and we will have to check if they are not using = weak 
passwords. A PKI/Kerberos/... -based solution would be long to set = up as 
well. I was thinking about some key-based authentication, as it = can 
usually be done with ssh. But looking around the Internet for some = 
information, no way to find out some clues... Moreover, all the clients = 
will be Windows 2000/XP, and our Intranet runs under Linux (Redhat 9.0). = 
Some ideas? :-)

Authentication based on IP addressees would be the easiest solution I = have 
been thinking about, but remains to know if I can tell my Linux box = to 
allow a given bunch of IP addresses to access just a given = directory...

And of course, thanks in advance for the replies!

Bnoni-

_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8. 
http://join.msn.com/?page=features/junkmail


---------------------------------------------------------------------------
----------------------------------------------------------------------------



---------------------------------------------------------------------------
----------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]