Estimated reading time: 4 minutes

Kerberos.NET and the KeyTab File

Kerberos requires the use of shared secrets to validate tickets. These secrets need to be stored somewhere. Windows stores them in the registry — the Security hive specifically. Other platforms store them in keytab files. Keytab files are useful because they’re a well known construct and are supported by many platforms. What’s interesting about them is that they store the derived value used to encrypt the ticket, and not the real secret. This means you don’t need to worry about how the salt is derived, and can just use the value without having to know how to manipulate the underlying…

Estimated reading time: 76 minutes

Going Nuclear: Modeling Threats to Distributed Systems

It probably won’t come as a shock to you that as I was writing up my last post on IoT and my new Geiger counter I was mentally reviewing all the things that scared the crap out of me had me concerned security-wise. I don’t mean the apocalyptic visions of Fallout, but about the fact that I have a device I don’t necessarily trust sitting on my network constantly feeding data to a remote server without much control by me. I’m predictable like that. Upon further review I realized I wanted to write up my thoughts on how I would protect against such an unknown, but really……