Is Kerberos prone to Brute Force attack?

Puneet Mehta, SDG

Hi, I have been to many discussion groups and was recently directed to you for this question. My question is -...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

I know this place is known for experts - so I am counting on you for the right answer.

Kerberos is vulnerable to Password guessing as it cannot detect a dictionary attack. So when we are talking about Kerberos, let me tell you some more weaknesses too:

It Provides Authentication, confidentiality and integrity, but not availability or non-repudiation (as it uses Symmetric Keys).
The KDC is a single Point of failure. If compromised, the integrity of the whole network is compromised.
Secret Keys are stored on User's Workstations. Even the session keys are stored on user?s workstations in cache or key tables.
Hope this is what you were looking for. Let me know if you need any more information.
-Puneet

This was last published in September 2002

Dig Deeper on Network Security Monitoring and Analysis

Related Q&A from Puneet Mehta

Where can I find Puneet Mehta's most recent network security advice?

To view network security expert Puneet Mehta's latest advice, see his Public Profile on the IT Knowledge Exchange: https://... Continue Reading

How do VPN concentrators and network access servers (NAS) differ?

Find out if there's a difference between a virtual private network (VPN) concentrator and a network access server (NAS) in this explanation from our ... Continue Reading

What keeps unauthorized users from accessing my IP address/Internet?

Our network security expert explains how to keep unauthorized users from accessing your router's IP address for Internet access in this advice ... Continue Reading

SearchUnifiedCommunications

RingCentral dials back Zoom partnership with video app launch

The launch of RingCentral's new video app, called RingCentral Video, is a sign the vendor's long-standing partnership with Zoom ...

3 key threats undermining unified communications security

Unified communications security means paying attention to the unique protocols supporting the technology. Here are three threats ...

Video conferencing adoption surge highlights market trends

Amid the throes of coronavirus, organizations have relied on video collaboration. But, after the pandemic subsides, will ...

SearchMobileComputing

Understanding the features of Android enterprise device management

Don't get overwhelmed when managing Android devices in the enterprise. Check out this cheat sheet to understand and use features ...

7 enterprise policies that enhance mobile user experience

Mobile admins must prioritize the mobile user experience they provide on their mobile fleet by deploying policies such as IT ...

iPad Pro news a boon for enterprise users

Apple announced updates to its iPad Pro, including mouse support, but analysts do not believe the changes will lead to widespread...

SearchDataCenter

Build a migration plan for enterprise edge infrastructure

Micro data centers are essential to edge computing use cases. Build an effective migration plan through site selection, ...

Tech giants aim supercomputers, clouds at finding a COVID-19 cure

The new COVID-19 HPC consortium comprised of tech giants, national labs and academia are using supercomputers and clouds to speed...

Top vendor SDDC certification programs for admins

If you decide to grow your knowledge of software-defined data center technologies, VMware, Nuage Networks and Microsoft offer ...

SearchITChannel

New Workspace One features are now GA

Several new features for VMware Workspace One are now generally available -- including an option to accelerate remote onboarding.

Lenovo Data Center Group retools partner program

Lenovo Data Center Group revamped its channel strategy and program, seeking to increase partner engagement and capture more ...

Pythian acquires Agosto in Google Cloud partner deal

The combination of Pythian and Agosto offers a broader set of Google Cloud specializations in fields including cloud migration, ...

Old Microsoft Kerberos vulnerability gets new spotlight

Kerberos platform interoperability connects Windows to the rest of the world

Kerberos: Authentication with some drawbacks

Kerberos security evolves for B2B, mobile tech

Please create a username to comment.