Skip to Content.
Sympa Menu

ad-assurance - Re: [AD-Assurance] FW: AD monitoring for failure codes and insecure protocols

Subject: Meeting the InCommon Assurance profile criteria using Active Directory

List archive

Re: [AD-Assurance] FW: AD monitoring for failure codes and insecure protocols


Chronological Thread 
  • From: David Walker <>
  • To:
  • Subject: Re: [AD-Assurance] FW: AD monitoring for failure codes and insecure protocols
  • Date: Wed, 10 Jul 2013 13:40:17 -0700

Fine with me.

David

On Wed, 2013-07-10 at 18:38 +0000, Ann West wrote:
Hi All,


Is it appropriate to loop Brett into our discussion and discuss his questions on an upcoming meeting?


Ann




From: Brett Bieber <>
Reply-To: Brett Bieber <>
Date: Wednesday, July 10, 2013 12:32 PM
To: Ann West <>
Subject: AD monitoring for failure codes and insecure protocols



Hi Ann,


I'm hoping you can put me in contact with someone looking at the AD alternative means. I'm looking for assistance identifying the proper event codes from the domain controller security logs.


My suspicion is that any institution that is not willing to shut down the insecure AD protocols will need to take the approach Chicago has taken, e.g. monitor and remediate. I'm hoping that we can come to consensus on all the AD event codes to monitor, and perhaps some standard monitoring scripts via powershell or Splunk etc to pull those events out and then perform the appropriate IAQ degradation actions.


Thanks for any info you could provide.


--
Brett Bieber
University of Nebraska-Lincoln




Archive powered by MHonArc 2.6.16.

Top of Page