HEADS UP! Kerberos5/Heimdal now default!
Garrett Wollman
wollman at lcs.mit.edu
Mon May 5 12:50:09 PDT 2003
<<On Mon, 5 May 2003 05:37:37 -0700 (PDT), Doug Barton <DougB at freebsd.org> said:
> I'm going to assume that as security officer you're aware of the extremely
> colorful history of kerberos's many vulnerabilities. :)
What ``extremely colorful history of ... vulnerabilities''? I can
think of no more than five times I've had to rebuild my KDC in six
years.
> Also, I'm not impressed with the, "But this is kerb 5, not kerb 4"
> argument, since up till recently the limited deployed base of kerb 5 has
> not made it a very attractive target for hackers.
Kerberos 5 is in every single Windows (>= 2000) installation in the
world. It has a larger installed base than any release of FreeBSD.
If there are any fundamental protocol vulnerabilities, they would be
known by now.
-GAWollman
More information about the freebsd-current
mailing list