Several readers responded to my previous post on pass-the-hash attacks, asking if Kerberos authentication versus LANManager, NTLM, or NTLMv2 was an effective defense. It’s a good question, one that I ...

Account administration in a distributed UNIX/Linux environment can become complicated and messy if done by hand. Large sites use special tools to deal with this problem. In this article, I describe ...

Vincent Danen takes you through the steps to set up Kerberos authentication on NFSv4 for more secure remote access to the server. In past tips we’ve looked at using Kerberos and how to authenticate ...

Microsoft is officially moving to shut the door on RC4 - a legacy cryptographic cipher that has quietly persisted inside Windows authentication environments for decades - and forcing organizations to ...

Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos sign-in failures and other authentication problems after installing cumulative updates ...

Server: Fully-patched 2008 R2, running Certificate Services. The /certsrv virtual directory is using (I believe) default settings. Specifically, this means it's using Windows Authentication, with NTLM ...

Microsoft has fixed a known issue causing authentication problems when Credential Guard is enabled on systems using the Kerberos PKINIT pre-auth security protocol. According to Redmond, these ...

A buffer overflow in the MIT Kerberos 5 network authentication tool’s “krb5_aname_to_localname()” library function could be exploited to gain root privileges on the affected machine. For more, go to: ...

Authentication sits at the heart of enterprise security, making passwords and the authentication mechanisms that use them, prime targets for cybercriminals. For more than 90% of organizations that use ...

Cybercrime accelerates while software vulnerabilities dip, researchers find, 09/17/07: The number of software vulnerabilities recorded in the first half of this year declined, while the use of ...