Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Wednesday, July 28 • 10:00am - 11:00am
Attacking Kereberos Deployments

Sign up or log in to save this to your schedule and see who's attending!

The Kerberos protocol is provides single sign-on authentication services for users and machines. Its availability on nearly every popular computing platform - Windows, Mac, and UNIX variants - makes it the primary choice for enterprise authentication.

 

However, simply "adding a dash of Kerberos" does not make a magically secure a network. Kerberos is a complicated protocol whose comprehensive description requires dozens of RFCs. To use it securely requires a careful dance between protocol designers, service developers, and system administrators – the kind of dance that never quite stays in step.

 

A careful review of RFCs, deployment guidance, and developer reference materials reveals a host of “theoretical” flaws when Kerberos is used. This presentation will demonstrate new techniques that make the theoretical practical in common Kerberos deployments, and provide guidance to ensure that software and systems are hardened against attack.


Wednesday July 28, 2010 10:00am - 11:00am
Day 1 - OS Wars

Attendees (19)