Hi, I have been to many discussion groups and was recently directed to you for this question. My question is -...
Is Kerberos prone to Brute Force attack?
I know this place is known for experts - so I am counting on you for the right answer.
Kerberos is vulnerable to Password guessing as it cannot detect a dictionary attack. So when we are talking about Kerberos, let me tell you some more weaknesses too:
- It Provides Authentication, confidentiality and integrity, but not availability or non-repudiation (as it uses Symmetric Keys).
- The KDC is a single Point of failure. If compromised, the integrity of the whole network is compromised.
- Secret Keys are stored on User's Workstations. Even the session keys are stored on user?s workstations in cache or key tables.
Hope this is what you were looking for. Let me know if you need any more information.
Dig Deeper on Network Security Monitoring and Analysis
Related Q&A from Puneet Mehta
To view network security expert Puneet Mehta's latest advice, see his Public Profile on the IT Knowledge Exchange: https://... Continue Reading
Find out if there's a difference between a virtual private network (VPN) concentrator and a network access server (NAS) in this explanation from our ... Continue Reading
Our network security expert explains how to keep unauthorized users from accessing your router's IP address for Internet access in this advice ... Continue Reading