Is Kerberos prone to Brute Force attack?

Hi, I have been to many discussion groups and was recently directed to you for this question. My question is -...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

I know this place is known for experts - so I am counting on you for the right answer.

Kerberos is vulnerable to Password guessing as it cannot detect a dictionary attack. So when we are talking about Kerberos, let me tell you some more weaknesses too:

It Provides Authentication, confidentiality and integrity, but not availability or non-repudiation (as it uses Symmetric Keys).
The KDC is a single Point of failure. If compromised, the integrity of the whole network is compromised.
Secret Keys are stored on User's Workstations. Even the session keys are stored on user?s workstations in cache or key tables.
Hope this is what you were looking for. Let me know if you need any more information.
-Puneet

Dig Deeper on Network Security Monitoring and Analysis

All
News
Get Started
Evaluate
Manage
Problem Solve

Related Q&A from Puneet Mehta

Where can I find Puneet Mehta's most recent network security advice?

To view network security expert Puneet Mehta's latest advice, see his Public Profile on the IT Knowledge Exchange: https://... Continue Reading

How do VPN concentrators and network access servers (NAS) differ?

Find out if there's a difference between a virtual private network (VPN) concentrator and a network access server (NAS) in this explanation from our ... Continue Reading

What keeps unauthorized users from accessing my IP address/Internet?

Our network security expert explains how to keep unauthorized users from accessing your router's IP address for Internet access in this advice ... Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Networking experts

View all Networking questions and answers

Find network security vulnerabilities by assessing risk

Integrate endpoint management systems for better security

Juniper Security Director helped by Cyphort analytics

Cisco tracks growing role of machine learning, AI in cybersecurity

Integrate endpoint management systems for better security

Juniper Security Director helped by Cyphort analytics

Cisco tracks growing role of machine learning, AI in cybersecurity

What are the top information security objectives for CISOs?

Dynamic ARP Inspection (DAI)

darknet

What is data loss prevention? -- An introduction to DLP

SYN scanning

Aligning IT with business still a struggle for enterprises

New network visibility tools create legacy and clarity issues

How to leverage UDP port scanning as a security scanning tool

Pervasive security is needed to protect modern networks

How can zero-day attack prevention be improved?

How to cut false security, malware alerts in hybrid cloud

Enlightened shadow IT policy collaborates with users

How to understand modern network security threats

Find network security vulnerabilities by assessing risk

Using unified security management to reduce sprawl of security tools

Combatting network threats: Look, Ma, no firewall!

Networking blogs: The evolution of network access control

Please create a username to comment.

Gartner video conferencing Magic Quadrant highlights remote work

Cisco brings Webex Teams messaging to UC-One SaaS

8x8 Video Meetings replaces outdated offering in X Series

New iPhone 11 features focus on consumers, not enterprises

Latest iOS vulnerability puts mobile security in the spotlight

Dangers of biometric authentication for mobile devices

New Dell EPYC servers embrace AMD Rome chips

Can next-gen SIEM help cybersecurity initiatives?

IBM z15 mainframe secures data across multi-cloud environments

One-on-one with Oracle Cloud Infrastructure's SVP

D&H Distributing grows cloud with ConnectWise, SkyKick

Oracle Cloud Infrastructure draws diverse early customers

Dig Deeper on Network Security Monitoring and Analysis

Related Q&A from Puneet Mehta

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.