Kerberos Authentication checked by Script at Nagios
-
I am having the XP machine which is to be scripted for the authentication details of the Kerberos.I also need to integrate this script in the Check_mk which is installed for the XP machine.I need to have an alert of the kerberos authentication.How to do this?
-
I am afraid that I do not understand the words that you are using. Kerberos is what Active Directory uses. Are you just seeing if the XP machine can log in?
-
The kerberos is also used in the XP Machine.How to spy the Kerberos activity daily?
-
@Lakshmana said:
The kerberos is also used in the XP Machine.How to spy the Kerberos activity daily?
Kerberos is used by any machine connecting to Active Directory. AD is Kerberos plus other stuff.
WireShark will let you see the network traffic.
-
You just want to spy on the packets? Or is there some specific, useful outcome? Describe your goal, not how you think you want to accomplish it.
-
My password is hacked from the Kerberos only.So I need to monitor the status of the Kerberos for every time.Whether any person got my system in through kerberos
-
@Lakshmana said:
My password is hacked from the Kerberos only.So I need to monitor the status of the Kerberos for every time.Whether any person got my system in through kerberos
What does "hacked from Kerberos" mean? Kerberos does not hack you. Kerberos is your authentication mechanism.
Why do you feel that you were "hacked through Kerberos?"
-
I tried to hack my Windows XP machine.The XP machine was hacked and the password was also shown without any interrupt in a network.
The password of my XP machine was cracked by the Kerberos authentication as well as the NTLM.So I need to protect my XP machine from the password breaking .
-
@Lakshmana said:
I tried to hack my Windows XP machine.The XP machine was hacked and the password was also shown without any interrupt in a network.
The password of my XP machine was cracked by the Kerberos authentication as well as the NTLM.So I need to protect my XP machine from the password breaking .
If you need to be secure, you can't run Windows XP. That's just the basics. For the most basic security you need to be up to date.
Do you are saying that by "you were hacked" that you yourself managed to break into your system?
What did you use to break into the system? Have you considered not exposing Kerberos? Do you have known threats on your network?
How does having a check script stop you from being hacked? You need to lock down your network.
Please don't forget spaces after sentences.
-
Exactly, how do you know you were hacked? Unencrypted Kerberos packets can be used in an offline attack to crack a password, but if you're using a strong enough password this would take to long.
So first things first, I'd say use a better password, but if you're still worried about it, do as @scottalanmiller suggests and upgrade and encrypt your authentication traffic.
