[2289] in Kerberos_V5_Development
Re: ["Tony Mione" ] DNS lookups for Host Realm information
daemon@ATHENA.MIT.EDU (Ezra Peisach)
Fri Mar 7 13:54:24 1997
To: Sam Hartman <hartmans@MIT.EDU>
Cc: krbdev@MIT.EDU
In-Reply-To: Your message of "Fri, 07 Mar 1997 11:42:04 EST."
<199703071642.LAA14942@odin.appliedtheory.com>
Date: Fri, 07 Mar 1997 13:52:29 EST
From: Ezra Peisach <epeisach@MIT.EDU>

I believe, although I cannot prove it, that if I can spoof a DNS packet
and fool a host into believing it is a host in my locally administrated
Kerberos realm that I could probably break in by fooling login.krb5 into
talking to me for the initial TGT. If memory serves correctly, this
would be sufficient to break into a machine (assuming the machine in
question does not have a keytab).

So, some information in a configuration file is critical, but how much?
As mentioned above, I think realm info is. How about the name of the
servers - is this really critical, or can DNS provide it in an adequate
way?

Just some food for thought...

Ezra
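
An added example, not part of the original message or of MIT's code: a small Python check that reports which hosts would get their realm from DNS rather than from the configuration file, the distinction the message draws. The krb5.conf text is constructed, EXAMPLE.COM and the host names are placeholders, and the lookup order is a simplified model of how `[domain_realm]`, `dns_lookup_realm` and `verify_ap_req_nofail` are used in krb5.conf.

```python
# Constructed sample krb5.conf; EXAMPLE.COM and the host names are placeholders.
SAMPLE = """\
[libdefaults]
    default_realm = EXAMPLE.COM
    dns_lookup_realm = true
    dns_lookup_kdc = true
[domain_realm]
    .eng.example.com = EXAMPLE.COM
"""

def parse(text):
    """Collect the flat 'key = value' relations under each [section]."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = conf.setdefault(line[1:-1].strip(), {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)
            section[key.strip()] = value.strip()
    return conf

def enabled(conf, key):
    """Boolean [libdefaults] option; absent is treated as off (assumption)."""
    value = conf.get("libdefaults", {}).get(key, "false")
    return value.lower() in ("true", "yes", "1", "on")

def realm_source(conf, host):
    """Simplified model: return (realm, source) for a host name."""
    mapping = conf.get("domain_realm", {})
    labels = host.lower().split(".")
    # Exact host name first, then each parent domain written with a leading dot.
    names = [host.lower()] + ["." + ".".join(labels[i:]) for i in range(1, len(labels))]
    for name in names:
        if name in mapping:
            return mapping[name], "config"
    if enabled(conf, "dns_lookup_realm"):
        return None, "dns"       # realm would come from an unauthenticated DNS answer
    return None, "fallback"      # library heuristics, not modelled here

def audit(conf, hosts):
    """List the settings that leave realm selection or KDC verification unpinned."""
    findings = [f"{h}: realm would be taken from DNS; add a [domain_realm] entry"
                for h in hosts if realm_source(conf, h)[1] == "dns"]
    if not enabled(conf, "verify_ap_req_nofail"):
        findings.append("verify_ap_req_nofail is off: a host without a keytab "
                        "accepts an initial TGT it cannot verify")
    return findings
```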