What happens if my KDC is compromised?

ronnie sahlberg ronniesahlberg at gmail.com
Fri Sep 17 09:10:09 EDT 2010


They got to the kdc?
Ouch.


Black hat can very likely now authenticate as any user in your
authentication domain to any service. Access any file on your NAS, any
document.
If they got to the kdc, it is basically game over.

You have to re-key every single password in the entire realm.
Depending on how sensitive the systems are and the data, and how
paranoid you are, you might consider rebuilding/reinstalling all
systems from scratch. Servers, workstations, everything. And restore
data from the last known good backup before the systems got
compromised.


I am so happy I am not you right now.



regards
ronnie sahlberg

On Fri, Sep 17, 2010 at 9:28 PM, Bram Cymet <bcymet at cbnco.com> wrote:
>  Hi,
>
> What would be the implications if my KDC was compromised and an attacker
> got a hold of the KDB or in my case the LDAP directory storing principal
> information?
>
> As far as I have been able to tell this attacker can now authenticate as
> any of my users. I know the passwords are hashed in the directory but it
> is this hash that is the shared private key between the kdc and the
> client, correct?
>
> So an attacker can use this hash to do any pre-auth that is required and
> authenticate to my KDC.
>
> Am I missing something or is it the case that if my KDC was compromised
> I am in big trouble?
>
> If I am using pkinit with certs I believe this problem can be eliminated
> but using certs is not always an option.
>
> Thanks,
>
> --
> Bram Cymet
> Software Developer
> Canadian Bank Note Co. Ltd.
> Cell: 613-608-9752
>
>
>
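
An added illustration of the re-key step described in the reply above (not part of the original thread): a small audit that reports which principals still carry keys set before the incident. The sample records, the realm EXAMPLE.COM and the cutoff time are constructed, and the input layout is assumed to match per-principal `kadmin.local -q "getprinc <name>"` output.

```python
from datetime import datetime

# Constructed sample, trimmed to the fields used, modelled on the output of
# `kadmin.local -q "getprinc <name>"` run once per principal.
SAMPLE = """\
Principal: alice@EXAMPLE.COM
Last password change: Mon Sep 20 10:15:00 EDT 2010
Key: vno 4, aes256-cts-hmac-sha1-96
Principal: bob@EXAMPLE.COM
Last password change: Tue Mar 02 08:00:00 EST 2010
Key: vno 2, aes256-cts-hmac-sha1-96
Principal: host/nas.example.com@EXAMPLE.COM
Last password change: [never]
Key: vno 1, aes256-cts-hmac-sha1-96
Principal: krbtgt/EXAMPLE.COM@EXAMPLE.COM
Last password change: Sat Sep 18 02:00:00 EDT 2010
Key: vno 3, aes256-cts-hmac-sha1-96
"""

# Constructed cutoff: the time the KDC was back under trusted control,
# expressed in the same local time zone that kadmin prints.
CUTOFF = datetime(2010, 9, 17, 12, 0)

def parse_change_time(value):
    """Parse 'Mon Sep 20 10:15:00 EDT 2010'; None for '[never]' or junk."""
    parts = value.split()
    if len(parts) != 6:
        return None
    _dow, mon, day, clock, _tz, year = parts  # zone token is ignored
    return datetime.strptime(f"{mon} {day} {clock} {year}", "%b %d %H:%M:%S %Y")

def classify(principal):
    """Rough kind: 'tgs', 'service' (any other name with an instance), 'user'."""
    primary = principal.rsplit("@", 1)[0]
    if primary.startswith("krbtgt/"):
        return "tgs"
    return "service" if "/" in primary else "user"

def stale_principals(text, cutoff):
    """Return (principal, kind) for every key not changed since the cutoff."""
    stale, name = [], None
    for line in text.splitlines():
        key, _, value = line.partition(":")
        if key == "Principal":
            name = value.strip()
        elif key == "Last password change" and name:
            changed = parse_change_time(value)
            if changed is None or changed < cutoff:
                stale.append((name, classify(name)))
    return stale

if __name__ == "__main__":
    for name, kind in stale_principals(SAMPLE, CUTOFF):
        print(f"still on pre-incident key: {kind:8} {name}")
```

Service principals that show up here also need fresh keytabs on their hosts, and the krbtgt principal belongs in the same audit because its key signs every ticket the realm issues.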



