If this question just displays a basic lack of knowledge about Kerberos, please feel free to flame me right out of the ng. That said-

In configuring a firewall to work with a system that authenticates with several kerberized services, specifically email, ftp, & telnet, I'm running into what appears to be a limitation in terms of locking down the system. Specifically, if I want to say that I trust only those applications I've configured for firewall access, I can configure my incoming firewall rules to accept only incoming traffic from TCP connections initiated by those trusted applications. Furthermore, if needed, I can allow outgoing UDP packets for trusted applications, although this is rarely needed.

Because Kerberos uses UDP traffic for (I'm not sure what part of the authentication process; it seems at least to be used when authenticating with the KDC), I have to configure my firewall to accept incoming UDP traffic from the KDC. The hole that concerns me is if either the KDC is compromised (less likely) or a nice individual decides to spoof the IP of the KDC and send out malicious packets to the open UDP port over the normal port. For something as secure as Kerberos, this seems like a significant opening, which makes me think that either I'm going screwy somewhere in my reasoning that this is actually a threat, or that someone has thought this through and found a workaround.

Any thoughts, directions, angles to pursue would be greatly appreciated ... Cheers!

AH

________________________________________________
Kerberos mailing list
[EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
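The following is an added example, not part of the original post or of any Kerberos implementation. It models what a stateful firewall does for UDP: an outbound request to the KDC on port 88 creates a short-lived "expected reply" entry, and inbound UDP is accepted only when it matches such an entry. The KDC address, client address, ports and timeout are constructed sample values; the equivalent iptables rules in the comments use the `conntrack` match, which tracks UDP as pseudo-connections in the same way.

```python
"""Minimal model of conntrack-style stateful filtering for Kerberos UDP traffic.

Equivalent iptables rules (addresses are constructed sample values):
  iptables -A OUTPUT -p udp -d 192.0.2.10 --dport 88 \
           -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
  iptables -A INPUT  -p udp -s 192.0.2.10 --sport 88 \
           -m conntrack --ctstate ESTABLISHED -j ACCEPT
With these, no inbound UDP port is open in general; only replies to
requests this host actually sent are let through.
"""
from collections import namedtuple

KDC_IP = "192.0.2.10"     # constructed sample KDC address (TEST-NET-1)
KDC_PORT = 88             # standard Kerberos port
CLIENT_IP = "192.0.2.50"  # constructed sample client address
UDP_TIMEOUT = 30.0        # seconds an outbound request stays "expected"

Packet = namedtuple("Packet", "proto src_ip src_port dst_ip dst_port")


class StatefulUdpFilter:
    """Tracks outbound UDP requests to the KDC and admits only matching replies."""

    def __init__(self, kdc_ip=KDC_IP, kdc_port=KDC_PORT, timeout=UDP_TIMEOUT):
        self.kdc = (kdc_ip, kdc_port)
        self.timeout = timeout
        self._expected = {}  # (local_ip, local_port) -> expiry time

    def outbound(self, pkt, now):
        """Outbound UDP to the KDC is allowed and records a reply expectation."""
        if pkt.proto == "udp" and (pkt.dst_ip, pkt.dst_port) == self.kdc:
            self._expected[(pkt.src_ip, pkt.src_port)] = now + self.timeout
            return "ACCEPT"
        return "DROP"  # no other outbound UDP is permitted in this model

    def inbound(self, pkt, now):
        """Inbound UDP passes only if it answers an unexpired request to the KDC."""
        if pkt.proto != "udp":
            return "DROP"
        key = (pkt.dst_ip, pkt.dst_port)
        expiry = self._expected.get(key)
        if expiry is None or now > expiry:
            self._expected.pop(key, None)  # purge stale entry
            return "DROP"
        if (pkt.src_ip, pkt.src_port) != self.kdc:
            return "DROP"  # right local port, wrong peer
        # Matching reply: refresh the entry the way conntrack does for a UDP stream.
        self._expected[key] = now + self.timeout
        return "ACCEPT"


def run_scenario():
    """Replay four inbound cases against one outbound AS-REQ-style packet."""
    fw = StatefulUdpFilter()
    t = 1000.0
    request = Packet("udp", CLIENT_IP, 40001, KDC_IP, KDC_PORT)
    if fw.outbound(request, t) != "ACCEPT":
        raise RuntimeError("outbound request to the KDC should be accepted")

    genuine_reply = Packet("udp", KDC_IP, KDC_PORT, CLIENT_IP, 40001)
    unsolicited = Packet("udp", KDC_IP, KDC_PORT, CLIENT_IP, 40002)  # no request for this port
    wrong_peer = Packet("udp", "192.0.2.99", KDC_PORT, CLIENT_IP, 40001)  # right port, not the KDC

    results = {
        "reply": fw.inbound(genuine_reply, t + 0.1),
        "unsolicited": fw.inbound(unsolicited, t + 0.2),
        "wrong_peer": fw.inbound(wrong_peer, t + 0.3),
        # Residual exposure: a packet forged with the KDC's address and the live
        # 5-tuple, inside the window, is indistinguishable at this layer.
        "forged_in_window": fw.inbound(genuine_reply, t + 0.4),
        "late": fw.inbound(genuine_reply, t + UDP_TIMEOUT + 1),
    }
    return results


if __name__ == "__main__":
    for case, verdict in run_scenario().items():
        print(f"{case:18s} {verdict}")
```

The model shows the practical narrowing: the filter never has a standing open UDP port, so an attacker cannot simply send to port 88's peer port at will; only a packet that forges the KDC's address and hits an in-flight request's exact 5-tuple within the timeout gets past the packet filter (the `forged_in_window` case). That residual case is covered by the protocol rather than the firewall: KDC replies are encrypted under keys the client already shares with the KDC, so a forged reply without those keys fails decryption and can at most cause the request to be retried, not yield a usable ticket. Keeping the stateful rule plus a short UDP timeout therefore addresses the concern raised in the post without leaving the port open in general.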
