User account Kerberos configuration

Medium

Description

Active Directory depends on Kerberos for authentication. Kerberos is an older protocol, and various security hardening measures have been added to its implementation over time. It is therefore necessary to disable some old options to ensure appropriate security.

Solution

To ensure the highest level of security, configure Active Directory authentication to use the latest security parameters and protocols.

See also

Authentication secrets part II - Kerberos strikes back

What Is Kerberos Authentication?

Kerberos RFC 4120

Kerberos Protocol Tutorial

Detailed information

Name: User account Kerberos configuration

Code name: C-KERBEROS-CONFIG-ACCOUNT

Severity: Medium

MITRE ATT&CK information:

Tactics: TA0001, TA0004

Techniques: T1078

Known attacker tools

HarmJ0y, Elad Shamir: Rubeus