Snapshot of monthly KDC traffic for stanford.edu
Russ Allbery
rra at stanford.edu
Thu Apr 1 19:36:37 EDT 2010
Mark Sirota <msirota at isc.upenn.edu> writes:
> ----- "Russ Allbery" <rra at stanford.edu> wrote:
>> I'm intrigued by the *huge* margin between the number of initial
>> authentications and the number of service tickets issued. This appears
>> to be due to a couple of factors: ...
> Could also be from applications that are attempting to do password
> verification by getting a TGT and then failing to complete the process
> by trying to use it for something. I know we found one popular Java
> library that does that.
Yeah, I'm wondering if Zimbra fails to actually verify the user's
credentials against a local keytab. That would certainly explain a lot of
these, from people using mail clients that are doing password over TLS.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list