What about weakness side of Kerberos?
Weaknesses of Kerberos The following are some of the potential weaknesses of Kerberos:
• The KDC can be a single point of failure. If the KDC goes down, no one can
access needed resources. Redundancy is necessary for the KDC.
• The KDC must be able to handle the number of requests it receives in a timely
manner. It must be scalable.
• Secret keys are temporarily stored on the users’ workstations, which means it
is possible for an intruder to obtain these cryptographic keys.
• Session keys are decrypted and reside on the users’ workstations, either in a
cache or in a key table. Again, an intruder can capture these keys.
• Kerberos is vulnerable to password guessing. The KDC does not know if a
dictionary attack is taking place.
• Network traffic is not protected by Kerberos if encryption is not enabled.
• If the keys are too short, they can be vulnerable to brute force attacks.
• Kerberos needs all client and server clocks to be synchronized.
Join John Savill for the ALL NEW PowerShell Master Class!
In this master-level training course, you get 9 hours of technical training that will make you a PowerShell Master!
Thursdays, February 11th through 25th
By the end of the course, you will understanding how to create custom modules to achieve amazing results in your environment, in non-Microsoft environments and in Azure.
Topics covered will include:
* PowerShell Fundamentals
* Remote Management
* Connecting Commands and Mastering Objects
* Scripting and Custom Modules
* State Configuration
* PowerShell Workflows, Orchestrator SMA, and Azure Automation
* And much more!
Get answers to questions, share tips, and engage with the IT professional community at myITforum. Are you a data center professional? Join AFCOM for the best data center insights.
Presented by John Savill
Thursdays, February 11th, 18th, and 25th
Enroll Now and Save $130!...
Presented by Johan Arwidmark
Wednesdays, February 17th-March 9th
Presented by Jen Underwood
Thursday, February 18th
This course will introduce SQL...
View CatalogView Shopping Cart
Sponsored Introduction Continue on to (or wait seconds) ×