Hi, I have been to many discussion groups and was recently directed to you for this question. My question is -...
Is Kerberos prone to Brute Force attack?
I know this place is known for experts - so I am counting on you for the right answer.
Kerberos is vulnerable to Password guessing as it cannot detect a dictionary attack. So when we are talking about Kerberos, let me tell you some more weaknesses too:
- It Provides Authentication, confidentiality and integrity, but not availability or non-repudiation (as it uses Symmetric Keys).
- The KDC is a single Point of failure. If compromised, the integrity of the whole network is compromised.
- Secret Keys are stored on User's Workstations. Even the session keys are stored on user?s workstations in cache or key tables.
Hope this is what you were looking for. Let me know if you need any more information.
Dig Deeper on Network Security Monitoring and Analysis
Related Q&A from Puneet Mehta
Find out if there's a difference between a virtual private network (VPN) concentrator and a network access server (NAS) in this explanation from our ... Continue Reading
Our network security expert explains how to keep unauthorized users from accessing your router's IP address for Internet access in this advice ... Continue Reading
If you've used MAC address restriction to control your network access on your wireless router, can you extend this to your wired network? Our ... Continue Reading