Kerberos: 88

Security Weaknesses

  • Replay attacks on authentication tokens.

  • Ticket forgery if encryption is weak.

  • Privilege escalation via stolen service tickets or keys.

Security Defense and Mitigation Measures

  • Use short ticket lifetimes and renew tickets frequently.

  • Enforce strong encryption algorithms (e.g., AES).

  • Monitor ticket-granting ticket (TGT) requests and unusual activity.

Indicators of Compromise or Attack

  • Unexpected TGT requests or renewals.

  • Abnormal service ticket usage.

  • Failed Kerberos authentications in logs.
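The monitoring bullet and the indicators listed above can be turned into log checks. The following is an added example, not part of the original page: it assumes the KDC is a Windows domain controller logging Security events 4768 (TGT requested), 4769 (service ticket requested) and 4771 (pre-authentication failed). The field names, thresholds and sample events are constructed for illustration.

```python
from collections import defaultdict

# Kerberos encryption types treated as weak: DES-CBC-CRC, DES-CBC-MD5, RC4-HMAC, RC4-HMAC-EXP
WEAK_ETYPES = {0x1, 0x3, 0x17, 0x18}

# Constructed sample events, not real logs. "t" is seconds; field names are assumed.
EVENTS = (
    [{"id": 4768, "t": 0, "user": "alice", "ip": "10.0.0.5", "etype": 0x12},
     {"id": 4769, "t": 5, "user": "alice", "ip": "10.0.0.5", "etype": 0x12, "service": "cifs/fs01"}]
    # five failed pre-authentications from one source in 8 seconds
    + [{"id": 4771, "t": 60 + 2 * i, "user": f"user{i}", "ip": "10.0.0.9"} for i in range(5)]
    # one account requesting four different services with RC4 tickets
    + [{"id": 4769, "t": 100 + i, "user": "carol", "ip": "10.0.0.7", "etype": 0x17,
        "service": f"svc{i}/host{i}"} for i in range(4)]
    # three TGT requests for one account within 20 seconds
    + [{"id": 4768, "t": 200 + 10 * i, "user": "dave", "ip": "10.0.0.8", "etype": 0x12}
       for i in range(3)]
)

def bursts(events, event_id, key, window, threshold, distinct=None):
    """Return key values whose event count (or count of distinct values of
    the `distinct` field) reaches `threshold` within any `window` seconds."""
    by_key = defaultdict(list)
    for e in events:
        if e["id"] == event_id:
            by_key[e[key]].append(e)
    flagged = set()
    for k, evs in by_key.items():
        evs.sort(key=lambda e: e["t"])
        start = 0
        for end in range(len(evs)):
            while evs[end]["t"] - evs[start]["t"] > window:
                start += 1  # slide the window forward
            span = evs[start:end + 1]
            n = len({e[distinct] for e in span}) if distinct else len(span)
            if n >= threshold:
                flagged.add(k)
                break
    return flagged

def analyze(events, window=60):
    return {
        "weak_etype": sorted({e["user"] for e in events if e.get("etype") in WEAK_ETYPES}),
        "tgt_burst": sorted(bursts(events, 4768, "user", window, 3)),
        "service_fanout": sorted(bursts(events, 4769, "user", window, 4, distinct="service")),
        "preauth_failures": sorted(bursts(events, 4771, "ip", window, 5)),
    }

if __name__ == "__main__":
    for name, hits in analyze(EVENTS).items():
        print(f"{name}: {hits}")
```

Thresholds and the window should be tuned against a baseline of normal ticket activity for the environment before alerting on them.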
