Attacks on Kerberos V in a Windows 2000 Environment.

• Previous message: Jan Rutkowski: "Bypassing ServerLock protection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Thu, 10 Jul 2003 10:04:02 +0300
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

Attacks on Kerberos V in a Windows 2000 Environment.

http://www.hut.fi/u/autikkan/kerberos

This seminar paper is a result of a course-related research project. We
present initial findings of weaknesses in applications using Kerberos V as
an authentication mechanism. This paper uses Windows 2000 as an example
platform. Probably the most interesting part in the paper discusses replay
attacks.

We are conducting more research on other products using Kerberos V.
Initial findings show that replay attacks seem to be even more effective
against some implementations. These results, together with the tools
mentioned in the papers, will be published in the near future.

Kimmo Kasslin
kimmo.kasslin@hut.fi

Antti Tikkanen
antti.tikkanen@hut.fi

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!

With a growth rate exceeding 110%, the TICSA security practitioner
certification is one of the hottest IT credentials available. And now, for
a limited time, you can save 33% off of the TICSA certification exam! To
learn more about the TICSA certification, and to register as a TICSA
candidate online, just go to

http://www.trusecure.com/offer/s0100/

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

• Previous message: Jan Rutkowski: "Bypassing ServerLock protection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]