What is Kerberos Protocol?
Submitted by: AdministratorKerberos is an authentication protocol,it is named after a dog who is according to the Greek mythology,- is said to stand at the gates of Hades.In the terms of computer networking it is a collection of softwares used in large networks to authenticate and establish a user's claimed identity.It is developed by MIT and using a combination of encryption as well as distributed databases so that the user can log in start a session.
It has some disadvanteges though.As I said Kereberos had been developed by MIT under the project Athena,- Kerberos is designed to authenticate the end users on the servers.
Kerberos is not a peer to peer system ,nor was it meant to do for one computer system's daemons to contact another computer.
There are many issues concerning to Kerberos.Namely,on most of the computer system there is no a secure area to save the keys.
It is known that a keys must be stored in plain text format in order to obtain a "ticket granting ticket" this area where the tickets are resides obviously supposed be a secured area.
However this is not the case therefore most of the time this is actually a potential security risk.
In case if the plain text key could be obtained by a hacker the Kerberos authentication server in that specific realm can be comprimised fairly easily.
It is also noteable that the other issue is the actual mechanism how the Kerberos handling the keys on a multisuser computer.The keys are cached and can be obtained by other user as well who are logged into the computer network..On a single user workstation only the actual user has access to system resources however if the workstation support multiple users then it is possible for another user on the system to obtain the keys.
Some other weaknesses are also exist in the Kerberos protocol, however those vulnerabilities are too complicated to discuss without the deep understanding of the protocol and the way as it had been implemented.
Submitted by: Administrator
It has some disadvanteges though.As I said Kereberos had been developed by MIT under the project Athena,- Kerberos is designed to authenticate the end users on the servers.
Kerberos is not a peer to peer system ,nor was it meant to do for one computer system's daemons to contact another computer.
There are many issues concerning to Kerberos.Namely,on most of the computer system there is no a secure area to save the keys.
It is known that a keys must be stored in plain text format in order to obtain a "ticket granting ticket" this area where the tickets are resides obviously supposed be a secured area.
However this is not the case therefore most of the time this is actually a potential security risk.
In case if the plain text key could be obtained by a hacker the Kerberos authentication server in that specific realm can be comprimised fairly easily.
It is also noteable that the other issue is the actual mechanism how the Kerberos handling the keys on a multisuser computer.The keys are cached and can be obtained by other user as well who are logged into the computer network..On a single user workstation only the actual user has access to system resources however if the workstation support multiple users then it is possible for another user on the system to obtain the keys.
Some other weaknesses are also exist in the Kerberos protocol, however those vulnerabilities are too complicated to discuss without the deep understanding of the protocol and the way as it had been implemented.
Submitted by: Administrator
Read Online Networks Security Job Interview Questions And Answers
Top Networks Security Questions
☺ | What is an ARP and how does it work? |
☺ | Explain What is the role of Single Sign On in authentication technologies? |
☺ | What is OSPF protocol |
☺ | Explain What does CIA stand for in security management? |
☺ | Explain What are all the technical steps involved when the data transmission from server via router? |
Top Computer Networking Categories
☺ | CCNA Interview Questions. |
☺ | MCSE Interview Questions. |
☺ | CCNP Interview Questions. |
☺ | MCSA Interview Questions. |
☺ | Network Administrator Interview Questions. |