Client Clock Audit - Kerberos
0 Votes |
Description
The amount of clock skew matters for Keberos Authentication. By default requests off by more than 5 minutes are rejected.
References:
http://technet.microsoft.com/en-us/library/cc779260(v=ws.10).aspx
http://support.bigfix.com/inspectors/World%20Objects_Any.html
http://web.mit.edu/kerberos/krb5-1.5/krb5-1.5.4/doc/krb5-admin/Clock-Skew.html
Property Details
2994647 | |
Alpha - Code that was just developed | |
Client Clock Audit - Kerberos | |
BESC | |
jgstew on 5/14/2014 12:33:05 PM | |
jgstew on 5/14/2014 12:33:05 PM | |
4420 Views / 9 Downloads | |
* Average over 0 ratings. ** Log In or Register to add your rating. |
Properties
~Clock_Skew
Period
30 minutes
* Results in a true/false |
(absolute value of (apparent registration server time - now))
Skew < 4 min
Period
30 minutes
* Results in a true/false |
(absolute value of (apparent registration server time - now)) < (4 * minute)
Relevance
Sharing
Social Media: |