Thanks Mike, I am preparing to take the CISSP examination, and I am watching your videos before studying theory in some cases. They are very helpful. Kerberos is the devil.
How in the world did you remember all those steps in that detail? Good on you Mike!
same. It's so complicated
thank you so much!! very clear explanation.
I read the official CISSP study guide, then watch the video. Still confused. Way too many arrows, keys, and authenticators. Need a better way of distinguishing between the parts.
It is confusing!!
Mike this is a good presentation with about the perfect level of detail. One critique is I didn't see any arrows demonstrating how the database server interacts (if and when) with the AS and TGS. The other one is more of an observation as well as a request, and that is: WHY was kerb designed with this (to the novice like myself in this case) particular structure? Each step must by definition have a purpose where to have done it another way would have increased risk. Given security is an open source community, there must be a consensus on that to some degree. A video with this logic explained along with "well, if we skipped this step then this would happen" etc. - I have subscribed and would gladly watch that if you create it.
With a bit more detail, something like "What if we started with just a username and password? Well, we want to centrally manage so an AS ... OK let's introduce that .. next step etc" and so on
Mike is the next Professor Messer.
His demeanor is much more inviting and his deep-dive videos into single topics help to understand the whole picture.
Solid - thank you, Mike. 💫
Why are you thanking yourself?
Hi sir, does the database server communicate with the KDC to grant access?
Hello Mike, could you please clarify: does the authentication server use the password or the password hash to encrypt the first message it sends? Because it looks like a weak protection measure to encrypt a message with such a low-length key as passwords usually are, and also to store the password as is.
He doesn't know..
Just reading something like them all
It uses a PWD hash
Mindboggling process that is impossible to track and visualise. I gave up after here ticket, ticket, ticket, ticket. Brutal!
Could have been better.
A lot better. This needs a well-made animation and also requires background setup information. Where do all these servers live, how do we set them up? Is it a self-working process which is part of the server installation? Crazy stuff!