Print Book $34.95
Safari Books Online
Print Book £24.95
Looking to Reprint this content?
By Jason Garman
First Edition
August 2003
Pages: 270
ISBN 10: 0-596-00403-6 |
ISBN 13: 9780596004033
(Average of 1 Customer Reviews)
Single sign-on is the holy grail of network administration, and Kerberos is the only game in town. Microsoft, by integrating Kerberos into Active Directory in Windows 2000 and 2003, has extended the reach of Kerberos to all networks large or small. Kerberos: The Definitive Guide shows you how to implement Kerberos on Windows and Unix systems for secure authentication. In addition to covering the basic principles behind cryptographic authentication, it covers everything from basic installation to advanced topics like cross-realm authentication, defending against attacks on Kerberos, and troubleshooting.
Full Description
Cover | Table of Contents | Colophon
Featured customer reviews
Kerberos: The Definitive Guide Review, November 11 2003
I have just skimmed through this book and i am now in the prosess of reading it carefully. The book is well organized and covers a lot of ground.
May i point out that SESAME at http://www.cosic.esat.kuleuven.ac.be/sesame/ (referenced in chapter 1) has a book out now.
On the downside, i still feel that there should be more information about the difference between the two distributions (MIT & Heimdal). Perhaps sumarized in a table. No doubt that i will be wiser after reading the book closley. But i like to install software and experiment as i read. While both MIT and Heimdal uses a db, Heimdal can use LDAP as backend. Unfortunatly that is not covered in the book. Probably because it is experimental at this stage.
I must inform that there is another player out there called GNU Shushi (http://www.gnu.org/software/shishi/ & http://savannah.gnu.org/projects/shishi) and even if it is Alpha seems to be updated regulary.
Also on the chapter on security there are two references to Dug Song's web site.
Unfortunatly, Dug Song has in protes of the DIGITAL MILLENNIUM COPYRIGHT ACT. You can still find patch to John the Ripper at : http://www.monkey.org/~dugsong/john-1.6.krb4.patch-3 (referenced on page 104), but the link : http://www.monkey.org/~dugsong/kdcspoof.tgz is wrong. It should be http://www.monkey.org/~dugsong/kdcspoof.tar.gz (referenced on page 109).
There are some security related Kerberos papers at : http://www.gnu.org/software/shishi/research.html
If chapter 3 is a little bit to technical for you, i suggest you read the "Designing an Authentication System: a Dialogue in Four Scenes". You can find it at http://web.mit.edu/kerberos/www/dialogue.html. This could have been an appendix.
I certanly hope the author and O'Reilly will add some updates and extras articles on the O'Reilly Network.
If you are looking for a good book about Kerberos, i belive this is it.
Media reviews "...this book is a godsend...Jason Garman has written the Kerberos bible."
--Dan Ilett, SC Magazine, April 2004
"The book does deliver what it promises: a definitive guide to Kerberos...Would I recommend picking this book up? Definitely."
--Matt Willmore, MacZealots.com, December 2003
http://maczealots.com/reviews/kerberos/
Read all reviews
About O'Reilly | Contact | Jobs | Press Room | How to Advertise | Privacy Policy
|
© 2008, O'Reilly Media, Inc. | (707) 827-7000 / (800) 998-9938
All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.