by slt2021 442 days ago
the weak point of Kerberos is not the Kerberos protocol itself, but the most popular implementation of it being Microsoft Active Directory.

Due to an incredible bloat of AD and the entire Windows/Azure ecosystem, it has an enormous attack surface (multiply the universe of the entire Windows ecosystem by the decades of old versions being supported for compatibility), and any vulnerability in the ecosystem (past and present) can lead to escalation and compromise of the Active Directory itself.

so is Kerberos secure? as a protocol it is fine, cause it was developed at MIT by smart people.

is MSFT AD/Windows ecosystem secure? HELL NO, stay away

1 comment

Well, yes, almost totally in agreement, but: MIT Kerberos (the implementation) started out as "research-quality" code of the 1990s era. It has improved, it fares far better than AD, but the occasional exploits still continue to drop.

https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=kerberos