Delve into Kerberos fundamentals, exploring network security, authentication, authorization, and auditing. Gain hands-on practice in creating principals, requesting tickets, and mitigating protocol-specific attacks.

data.tar.gz

Kerberos is an essential part of any tech stack. It helps mitigate cyber attacks by providing strong authentication for client/server applications by using secret-key cryptography.

In this course, you will cover the basics of network security including: authentication, authorization, and auditing. You will also learn the fundamental concepts of Kerberos such as Key Distribution Center (KDC), Principals, and Ticketing.

Towards the end of this course, you will explore common attacks that are specific to the protocol and how Kerberos works to triage them. Lastly, you will get some hands-on practice with Kerberos where you’ll work to create a principal and request a Ticket-Granting Ticket from an Authentication Server.

By the time you’re done, you will have picked up a new in-demand skill that will allow you to better protect your data.

Kerberos for Beginners: Intro to Network Authentication Protocol

Another attack Kerberos is prone to is known as the __replay attack__. An attacker monitors the network and makes a copy of the messages between the KDC and the client as they are being exchanged. The copied message can then be replayed back to KDC by the attacker at a later time. For instance, say Laila, after receiving the TGT from the Authentication Server, requests for a service ticket to talk to a file server from where she intends to download a file. The attacker quietly makes a copy of the service ticket the TGS sends to Laila for communicating with the file server. The attacker can’t crack open the service ticket since he doesn’t have Laila’s or the file server’s long-term key. However, he can send this service ticket to the file server after a few hours and make the file server believe it is Laila and not the attacker on the other end. If at this point, the fileserver ignores the short-term session key enclosed in the service ticket and chooses to continue communication without encryption, the attacker will be able to masquerade as Laila.

1. Client sending a request for a service ticket to KDC.


This lesson discusses the replay attack specific to the Kerberos protocol.

Theory

Practice

Quiz

Attacks: Replay Attack