Proxy for Kerberos?
Derek Atkins
warlord at MIT.EDU
Tue Jul 25 01:42:54 EDT 2006
Quoting Jiva DeVoe <jiva at devoesquared.com>:
> Tell me if this is inherently wrong-thinking...
>
> I want to access a kerberos server that is behind a firewall without
> exposing the kerberos port to the internet. So I want to proxy it
> through a tunnel. I am guessing that Kerberos may have some sort of
> built-in preventative measures within itself to prevent spoofing or
> something like that which would cause this not to work. Is this
> true? If not, is there any reason this wouldn't work?
Why don't you want to expose the kerberos port to the internet at large?
Kerberos is a security service. It's MEANT to be on the internet at
large!
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
More information about the krbdev
mailing list