Marcus, thank you for your reply.

> MIT has a bunch of neat basic papers on kerberos. You should
> definitely find and read them.

I want to specify I'm not a total Kerberos beginner: I've read RFC 1510, several introductory docs, MIT install/admin/user guides and so on; I've played with MIT Kerberos, Heimdal and Windows 2000 Kerberos for a while... but maybe I was not able to understand something important.

I know Kerberos is designed to securely authenticate principals in a not secure network environment, and this is just the reason of my post here. The attack described, if feasible, shows that Kerberos can sometimes fail if an attacker has complete control of the network. I would like to understand if my conclusions are true or not, because unfortunately I've not enough time and knowledge to experiment.

> In partial answer of your question, yes, kerberos is designed to deal
> with the case you mention.

Can you please specify, technically, how Kerberos deals with the attack described? My opinion is that after such attack:

- an attacker can successfully authenticate to the application server
- he can not use KRB_PRIV messages, because he ignores the session key.
- he can receive KRB_SAFE messages, that are transmitted in the clear.

Briefly, attacker's capabilities depend on how the secret key included in message KRB_AP_REQ is used after authentication.

Feel free to contradict me :)

best regards
mark

________________________________________________
Kerberos mailing list
https://mailman.mit.edu/mailman/listinfo/kerberos
