10 Things You Need to Know About Kerberos

kerberos Microsoft NTLM Security Skills

As our research team continues to find vulnerabilities in Microsoft that bypass all major NTLM protection mechanisms, we start to wonder about the successor protocol that replaced NTLM in Windows versions above Windows 2000.

Enter Kerberos. Every child who grew up playing Dungeons and Dragons learned about the mythical creature of Kerberos (also known as Cerberus in Ancient Greek mythology)  - a three headed dog who guards the gates of Hell and prevents dead souls from returning to the world of the living.  

While that memory is nostalgic, most security professionals know Kerberos as a network authentication protocol designed to provide strong authentication for client/server applications by using secret-key cryptography.