Aloha, Arne. Where can we find the source code for kerbcrack? It may be useful to point out that Internet Explorer 5.0 and later support Kerberos authentication by way of a Negotiate WWW-Authenticate header that is always sent by IIS paired with a classic NTLM WWW-Authenticate header. IE sends BOTH NTLM and Kerberos authorization data back to IIS, letting it pick the one it prefers to use. Kerbcrack points out the need for IPSec to be used in conjunction with Kerberos, but lazy client implementations that can't be forced to stop using older less-secure authentication methods concurrently with Kerberos are also an ongoing problem. Sincerely, Jason Coombs jasonc@science.org -----Original Message----- From: Arne Vidstrom [mailto:arne.vidstrom@ntsecurity.nu] Sent: Wednesday, November 27, 2002 8:06 PM To: bugtraq@securityfocus.com Subject: Kerberos login sniffer and cracker for Windows 2000/XP Hi all, I've coded a simple Kerberos login sniffer and cracker for Windows 2000/XP that you might find useful. You can find it for download at: http://ntsecurity.nu/toolbox/kerbcrack/ Regards /Arne
