[EMAIL PROTECTED] writes:
> Daniel Edward Lovinger <[EMAIL PROTECTED]> writes:
> > This crack attack requires physical access to the kaserver
> > database (/usr/afs/db/kaserver.DB0), and as such cannot be used to
> > construct a remote attack mechanism. This is purely a sysadmin tool.
>
> Of course, if somebody gets access to a kaserver backup tape...
> Not that the existence of Dan's tool changes anything, just a
> reminder to be careful with backup media.
If someone gets access to the backup media, they have access
to the encrypted passwords - which is all they need to decrypt
tickets. The kerberos crack just makes it easy for sysadmins to find
out who has bad passwords. If you don't have kaserver.DB0 locked down
securely, the game is quite over.
dan
