On Wed, 17 Oct 2001 17:58:44 -0400 (EDT) peff-loganalat_private wrote: > > Agreed. My intent in asking the question was actually focused more on > how the login mechanism should work. Should admin workstations be > allowed to log in? Should physical presence on the loghost be required? What about using HTTPS secured basic authentication (based on apache, of course ;-) I agree that it is larger and more complex than one would like but it is well understood and most outfits have people who know it well enough to set it up securely. It already handles a wide variety of back end authentication mechanisms and the preparing the data for display is relatively straight forward and well understood. Russell Fulton, Computer and Network Security Officer The University of Auckland, New Zealand --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Wed Oct 17 2001 - 16:34:46 PDT