Search⌘ K
Home
Courses
Kerberos for Beginners: Intro to Network Authentication Protocol

Attacks: Man in the Middle

Explore how man in the middle attacks work within Kerberos authentication. Understand the threat model, how attackers intercept credentials, and the protocol's built-in mechanisms to verify tickets and prevent such hijacks. This lesson equips you to recognize this attack vector and strengthen Kerberos security.

We'll cover the following...

A man-in-the-middle attack, also known as a hijack attack, is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other. In the case of Kerberos, the attacker is placed between the KDC and the client and tries to spoof the client into thinking that they are the real KDC.

Mounting a man-in-the-middle attack when Kerberos protocol is in place is slightly complicated and was first reported by Dug Song. Note that Kerberos was designed with the ...