Q
Problem solve Get help with specific problems with your technologies, process and projects.

Is Kerberos prone to Brute Force attack?

Hi, I have been to many discussion groups and was recently directed to you for this question. My question is -...

Is Kerberos prone to Brute Force attack?

I know this place is known for experts - so I am counting on you for the right answer.

Kerberos is vulnerable to Password guessing as it cannot detect a dictionary attack. So when we are talking about Kerberos, let me tell you some more weaknesses too:

  • It Provides Authentication, confidentiality and integrity, but not availability or non-repudiation (as it uses Symmetric Keys).
  • The KDC is a single Point of failure. If compromised, the integrity of the whole network is compromised.
  • Secret Keys are stored on User's Workstations. Even the session keys are stored on user?s workstations in cache or key tables.

    Hope this is what you were looking for. Let me know if you need any more information.
    -Puneet

This was last published in September 2002

Dig Deeper on Network Security Monitoring and Analysis

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close