On Active Attacks to Kerberos Telnet

DMCA

On Active Attacks to Kerberos Telnet (2001)

Cached

Download Links

[josefsson.org]

Save to List
Add to Collection
Correct Errors
Monitor Changes

by Simon Josefsson , Rsa Laboratories

BibTeX

@MISC{Josefsson01onactive,
    author = {Simon Josefsson and Rsa Laboratories},
    title = {On Active Attacks to Kerberos Telnet},
    year = {2001}
}

OpenURL

Abstract

We present a well-known and well-documented weakness against active attacks in the Telnet Authentication and Encryption Protocol framework, and discuss the consequences for Kerberos (version 4 and 5) Telnet. We recognize that the weakness can ultimately be used by a active attacker to fool Kerberos Telnet users in some implementations. We briefly describe the protocols involved, the weakness, and demonstrate how it can be used to impersonate a server. We conclude with a recommendation on how to solve the identified problem. 1

Keyphrases

active attack kerberos telnet identified problem telnet authentication active attacker kerberos telnet user well-documented weakness encryption protocol framework

DMCA