0 votes 0 votes somebody please tell what is this Kerberos ? LavTheRawkstar asked Mar 17, 2017 LavTheRawkstar 598 views answer comment Share Follow See all 0 reply Please log in or register to add a comment.
1 votes 1 votes Kerberos /ˈkərbərɒs/ is a computer network authentication protocol that works on the basis of 'tickets' to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. The protocol was named after the character Kerberos (or Cerberus) from Greek mythology, the ferocious three-headed guard dog of Hades. Its designers aimed it primarily at a client–server model and it provides mutual authentication—both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks. Kerberos builds on symmetric key cryptography and requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.[1] Kerberos uses UDP port 88 by default. Kindly visit d link given below for more details: https://en.wikipedia.org/wiki/Kerberos_(protocol) Devshree Dubey answered Mar 18, 2017 Devshree Dubey comment Share Follow See all 6 Comments See all 6 6 Comments reply LavTheRawkstar commented Mar 18, 2017 reply Follow Share works on the basis of 'tickets' to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. What is Tickets over here ? is it token and serial or sequence number of some type?? 0 votes 0 votes LavTheRawkstar commented Mar 18, 2017 reply Follow Share In simple words you are saying that kerberos is set of rule that allows nodes to communciate with each other in a type of environment which is non secure and various threats attacks can occur. In such environment the two nodes or computers communicate and prove their identity to each other and it was primarily aimed in Client- Server model and it provides mutual Authentication? Please explain in easy words what is mutual Authentication , Eavedropping and Reply Attacks ? 0 votes 0 votes Devshree Dubey commented Mar 18, 2017 reply Follow Share @LavTheRawkstar, since it is mentioned dat 'tickets' cud be temporary identity which cud be alloted to d nodes coz d n/w being non secure. As in u take d case of a class with students. The environment is certainly secure, still den too identify d students Teacher assigns temporary roll numbers to d students. Coz two students cud have similar names. And roll numbers cud help identify d students. Also, these roll numbers r of temporary nature. Though d admission no's cud be of a permanent nature. 1 votes 1 votes LavTheRawkstar commented Mar 18, 2017 reply Follow Share Okay sir what is eavesdropping and reply attacks please explain ??? 0 votes 0 votes Devshree Dubey commented Mar 18, 2017 reply Follow Share @LavTheRawkstar, Eavesdropping is the act of surreptitiously listening to a private conversation, typically between hosts on a network. For instance, programs such as Carnivore and NarusInsight have been used by the FBI and NSA to eavesdrop on the systems of internet service providers. Even machines that operate as a closed system (i.e., with no contact to the outside world) can be eavesdropped upon via monitoring the faint electro-magnetic transmissions generated by the hardware; TEMPEST is a specification by the NSA referring to these attacks. Replay attack A replay attack (also known as playback attack) is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and re-transmits it, possibly as part of a masquerade attack by IP packet substitution. For more information visit d link mentioned below: https://en.wikipedia.org/wiki/Replay_attack 1 votes 1 votes Devshree Dubey commented Mar 18, 2017 reply Follow Share @LavTheRawkstar, source is wikipedia. :) 0 votes 0 votes Please log in or register to add a comment.