[Fed-Talk] Common Criteria Tools
[Fed-Talk] Common Criteria Tools
- Subject: [Fed-Talk] Common Criteria Tools
- From: Bill Stevens <email@hidden>
- Date: Wed, 21 Nov 2007 22:27:05 -0800
Apple's Common Criteria (CC) Tools (see http://www.apple.com/support/security/commoncriteria/) provide the means to help set up a Mac for Department of Defense classified processing. As a part of the required computer setup, CC Tools provide the ability to audit certain events such as (1) successful and unsuccessful
logons and logoffs, (2) unsuccessful accesses to
security-relevant objects and directories, including creation, open,
modification, and deletion, (3) changes in user authenticators
(i.e., passwords), and (4) denial of system access
resulting from an excessive number of unsuccessful logon attempts.
I have downloaded the CC tools, initiated auditing, and tried various selections of events to audit. The audit files get created, and an audit file initiation event is recorded, but nothing else. We're tried using praudit as well as the audit file viewer utility but nothing we've tried has resulted in an audit file with any events other than audit startup event recorded.
FYI I'm trying to make this work under OS X 10.4 Server (I've also tried 10.4 client) on an Intel Mac.
Does anyone out there have any working experience with these CC Tools and auditing? Any advice would be most welcome. Thanks ... |
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden