November 27, 2008
I looked into what was once a mirror and I saw someone who looked nothing like me.
Today I thank you, God, for what you did for me; what you didn’t do for him.
November 25, 2008
Looks like I’m done :( Couldn’t answer their question, they basically just wanted me to know stuff about different network protocols – I could explain the protocols but I didn’t know shit about the technical details :(
It sucks but what can I do?
November 24, 2008
Just putting up my notes, in case anyone cares.
Kerberos
An authorization system. There are three players in a Kerberos system: the client, the server and the trusted 3rd party.
Login
a. User requests access from Authentication server (AS).
b. If user exists, AS sends Client/Ticket Granting Server (TGS) Session Key and Ticket-Granting-Ticket (TGT).
(The Session Key is encrypted using the user’s hashed password; the TGT is encrypted with the TGS secret key.)
c. The Session Key is decrypted by the user’s machine.
We are now authenticated with the Authentication Server.
I need service!
a. We send the TGT, service ID and an authenticator (Client ID/Timestamp) to the TGS.
- (TGT is encrypted already; authenticator is encrypted by the Session ID)
b. The TGT is decrypted by the TGS. Using the session key, the TGS decrypts the authenticator.
- The session ID is extracted from the TGT
c. The TGS returns a CST (Client/Server Ticket) & a Client/Server Session Key.
- The CST has the client id, network addy, and length of validity, and the client/server session key. It is encrypted with the service secret key.
- The C/S Session Key is encrypted using the C/TGS Session Key.
d. With these, the client can authenticate himself to the server. The encrypted CST and an Authenticator (with the client ID and timestamp) are sent.
- The Authenticator is encrypted with the client/server session key.
e. Server returns the timestamp + 1, encrypted with the CS Session Key. Client translates and can use the server now.
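The two exchanges above, as an added sketch that is not part of the original notes. The function names, the sample password, the 300-second skew window and the SHA-256 keystream plus HMAC cipher are assumptions standing in for real Kerberos encryption types; the network address and validity fields are left out.

```python
import hashlib, hmac, json, os

MAX_SKEW = 300  # seconds; assumed freshness window for authenticator timestamps
USER_KEY = hashlib.sha256(b"constructed-password").digest()  # user's hashed password
TGS_KEY, SVC_KEY = os.urandom(32), os.urandom(32)  # TGS and service secret keys

def _xor(key, nonce, data):
    # Toy keystream cipher standing in for a real Kerberos encryption type.
    ks = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, obj):
    nonce = os.urandom(16)
    ct = _xor(key, nonce, json.dumps(obj).encode())
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(_xor(key, nonce, ct))

def as_login(client):  # Login b: session key under user key, TGT under TGS key
    sk = os.urandom(32).hex()
    return seal(USER_KEY, {"key": sk}), seal(TGS_KEY, {"client": client, "key": sk})

def check(ticket_key, ticket, authenticator, now):
    t = unseal(ticket_key, ticket)  # the ticket yields the session key...
    a = unseal(bytes.fromhex(t["key"]), authenticator)  # ...which opens the authenticator
    if a["client"] != t["client"] or abs(now - a["ts"]) > MAX_SKEW:
        raise ValueError("authenticator rejected")
    return t, a

def tgs_request(tgt, authenticator, now):  # service steps b and c
    t, _ = check(TGS_KEY, tgt, authenticator, now)
    cs = os.urandom(32).hex()
    return seal(SVC_KEY, {"client": t["client"], "key": cs}), seal(bytes.fromhex(t["key"]), {"key": cs})

def service_request(cst, authenticator, now):  # steps d and e: reply is timestamp + 1
    t, a = check(SVC_KEY, cst, authenticator, now)
    return seal(bytes.fromhex(t["key"]), {"ts": a["ts"] + 1})

def run(client="alice", now=1_700_000_000, server_delay=0):
    enc_sk, tgt = as_login(client)
    sk = bytes.fromhex(unseal(USER_KEY, enc_sk)["key"])  # Login c
    cst, enc_cs = tgs_request(tgt, seal(sk, {"client": client, "ts": now}), now)
    cs = bytes.fromhex(unseal(sk, enc_cs)["key"])
    reply = service_request(cst, seal(cs, {"client": client, "ts": now}), now + server_delay)
    return unseal(cs, reply)["ts"] == now + 1
```

`run()` returns True when the client can decrypt the server's timestamp + 1 reply; a stale authenticator, a client ID that does not match the ticket, or a wrong user key raises `ValueError`.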