What is Kerberos?
Kerberos is an authentication protocol that allows two systems to verify their identity with each other to access a resource, regardless of the security of the communication medium. This process is done using a trusted third party called a KDC (Kerberos Key Distribution Centre).
Once the identity validation of two systems has been carried out through Kerberos, an access ticket is generated, which will be delivered to the application to then validate if the user has the appropriate access privileges.
Kerberos is a fundamental part of the Active Directory infrastructure, so knowing its weaknesses and how to protect it is essential for the security of a corporate network.
Cybersecurity articles related to Kerberos
If you want more information about Kerberos, you can read our posts:
- Kerberos (I): How does Kerberos work? – Theory
- Kerberos (II): How to attack Kerberos?
- Kerberos (III): How does delegation work?
- N-day exploit: Kerberos EoP in Linux environments
- Kerberos tickets: Comprehension and exploitation