- Tapa blanda: 274 páginas
- Editor: O'Reilly Media; Edición: 1 (5 de septiembre de 2003)
- Colección: Definitive Guides
- Idioma: Inglés
- ISBN-10: 0596004036
- ISBN-13: 978-0596004033
- Valoración media de los clientes: Sé el primero en opinar sobre este producto
- Clasificación en los más vendidos de Amazon: nº233.805 en Libros en idiomas extranjeros (Ver el Top 100 en Libros en idiomas extranjeros)
- Ver el Índice completo
Compara Precios en Amazon
+ Envío GRATIS
Kerberos: The Definitive Guide (Definitive Guides) (Inglés) Tapa blanda – 5 sep 2003
|Nuevo desde||Usado desde|
Los clientes que compraron este producto también compraron
Descripción del producto
Reseña del editor
Kerberos, the single sign-on authentication system originally developed at MIT, deserves its name. It's a faithful watchdog that keeps intruders out of your networks. But it has been equally fierce to system administrators, for whom the complexity of Kerberos is legendary.Single sign-on is the holy grail of network administration, and Kerberos is the only game in town. Microsoft, by integrating Kerberos into Active Directory in Windows 2000 and 2003, has extended the reach of Kerberos to all networks large or small. Kerberos makes your network more secure and more convenient for users by providing a single authentication system that works across the entire network. One username; one password; one login is all you need.Fortunately, help for administrators is on the way. Kerberos: The Definitive Guide shows you how to implement Kerberos for secure authentication. In addition to covering the basic principles behind cryptographic authentication, it covers everything from basic installation to advanced topics like cross-realm authentication, defending against attacks on Kerberos, and troubleshooting.In addition to covering Microsoft's Active Directory implementation, Kerberos: The Definitive Guide covers both major implementations of Kerberos for Unix and Linux: MIT and Heimdal. It shows you how to set up Mac OS X as a Kerberos client. The book also covers both versions of the Kerberos protocol that are still in use: Kerberos 4 (now obsolete) and Kerberos 5, paying special attention to the integration between the different protocols, and between Unix and Windows implementations.If you've been avoiding Kerberos because it's confusing and poorly documented, it's time to get on board! This book shows you how to put Kerberos authentication to work on your Windows and Unix systems.
Biografía del autor
Jason Garman is currently working with computer forensics for the national defense and intelligence communities at Aegis Research Corporation. Previously, he worked at several biotech firms in the Washington, DC area where he helped clients design and implement secure yet easy to use research networks. Jason enjoys working with the practical application of tools and techniques to solve computer and network security problems.
No es necesario ningún dispositivo Kindle. Descárgate una de las apps de Kindle gratuitas para comenzar a leer libros Kindle en tu smartphone, tablet u ordenador.
Obtén la app gratuita:
Detalles del producto
Si eres el vendedor de este producto, ¿te gustaría sugerir ciertos cambios a través del servicio de atención al vendedor?
Opiniones de clientes
|5 estrellas (0%)|
|4 estrellas (0%)|
|3 estrellas (0%)|
|2 estrellas (0%)|
|1 estrella (0%)|
Opiniones de clientes más útiles en Amazon.com
There's also a void where it could explain how to correctly add an app server to the KDC. There's so little info there that I had to resort to Google. I was totally confused between using DNS and Kadmin to manage principles.
Anyway, the book helped me a lot, it just wasn't all I needed. Outside research and translations are needed by now.
However, I wouldn't consider this "The Definitive Guide." It lacks documentation on the krb5.conf configuration file. I found myself referencing the krb5.conf(5) man page for additional info. Also, the documentation that comes with Heimdal is a very good good source for configuration settings.
Another deficiency is the GSSAPI coverage. I did have some trouble setting up my GSSAPI aware SSH with Kerberos. I found myself digging through the ssh man pages and doing some trial and error. Chapter 7 discusses Kerberos enabled applications. SSH is covered there, but I felt the GSSAPI aspect was lacking. Although the author mentions that GSSAPI is not specific to any authentication method and is somewhat out of place in a Kerberos book, I feel this is where the author could have went the extra mile and claimed the right to the title "The Definitive Guide." There are many Kerberized applications today not mentioned in Chapter 7. It would be nice to see a second edition that covers them.
What this book has that you will not find in any other single source is comprehensive coverage of the history, protocols, and implementation of Kerberos complete with diagrams. From a security standpoint, this will really help you understand what is going on in your network. For example, when setting up my firewall rules and NIDS, I really had a grasp on what traffic was going where and what needed to be blocked/detected.
Chapter 6, Security, is very comprehensive and outlines various root compromises, dictionary and brute-force, replay, and man-in-the-middle attacks. It also details the importance of pre-authentication in Kerberos V as well as best practices to protect your key distribution center (KDC).
My Kerberos network is a 10 host homogeneous OpenBSD network running the Heimdal Kerberos V version 0.7.2. Although this book covers the older Heimdal 0.6, it was still very relevant. It also covers the MIT 1.3 implementation (MIT is currently at version 1.6.3). Although this book was published in 2003, it is still worth its price brand new in 2008.
When it came out this was almost certainly a 5 star book. It's age, not it's content is the problem.