Detecting Kerberos?
Sensei
senseiwa at mac.com
Sun Jun 25 14:45:02 EDT 2006
On 2006-06-23 20:25:50 +0200, Eric.Berg at phaseforward.com ("Eric Berg") said:
> Is it possible to detect whether Kerberos is present on a network? If
> so, how?
Not easily and possibly not legally.
KDCs have port 88 open, you might user a port scanner, in some networks
is prohibited. You can sniff packets if you have a real access, again,
lawyers can come by. If a networks relies completely on a VPN based
solution, closing gates and having happy kerbeoros KDCs inside for
internal purpose, it's hard. Another possibility is asking the DNS, but
SRV records are not mandatory.
Why don't you just ask the net admins?
--
Sensei <senseiwa at mac.com>
The optimist thinks this is the best of all possible worlds.
The pessimist fears it is true. [J. Robert Oppenheimer]
More information about the Kerberos
mailing list