ONJava.com -- The Independent Source for Enterprise Java
oreilly.comSafari Books Online.Conferences.

advertisement

AddThis Social Bookmark Button
Article:
  Protect Yourself Against Kerberos Attacks
Subject:   password cracking
Date:   2007-11-16 15:08:01
From:   greatgrahambini
Response to: password cracking

You misunderstood the article. This is an OFFLINE attack, meaning that the attacker sniffs some cipher text, then takes that cipher text and attempts to guess the password that produced it by encrypting it himself. This cannot be detected or prevented by limiting login attempts because the attacker won't login until he has discovered a valid password offline.