diff options
Diffstat (limited to 'network/krb5/README.krb5')
-rw-r--r-- | network/krb5/README.krb5 | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/network/krb5/README.krb5 b/network/krb5/README.krb5 deleted file mode 100644 index 72c522b6a7..0000000000 --- a/network/krb5/README.krb5 +++ /dev/null @@ -1,52 +0,0 @@ -Kerberos is a network authentication protocol. It is designed to -provide strong authentication for client/server applications by using -secret-key cryptography. A free implementation of this protocol is -available from the Massachusetts Institute of Technology. Kerberos is -available in many commercial products as well. - -The Internet is an insecure place. Many of the protocols used in the -Internet do not provide any security. Tools to "sniff" passwords off -of the network are in common use by malicious hackers. Thus, -applications which send an unencrypted password over the network are -extremely vulnerable. Worse yet, other client/server applications rely -on the client program to be "honest" about the identity of the user -who is using it. Other applications rely on the client to restrict its -activities to those which it is allowed to do, with no other -enforcement by the server. - -Some sites attempt to use firewalls to solve their network security -problems. Unfortunately, firewalls assume that "the bad guys" are on -the outside, which is often a very bad assumption. Most of the really -damaging incidents of computer crime are carried out by insiders. -Firewalls also have a significant disadvantage in that they restrict -how your users can use the Internet. (After all, firewalls are simply -a less extreme example of the dictum that there is nothing more secure -then a computer which is not connected to the network --- and powered -off!) In many places, these restrictions are simply unrealistic and -unacceptable. - -Kerberos was created by MIT as a solution to these network security -problems. The Kerberos protocol uses strong cryptography so that a -client can prove its identity to a server (and vice versa) across an -insecure network connection. After a client and server has used -Kerberos to prove their identity, they can also encrypt all of their -communications to assure privacy and data integrity as they go about -their business. - -Kerberos is freely available from MIT, under copyright permissions -very similar those used for the BSD operating system and the X Window -System. MIT provides Kerberos in source form so that anyone who wishes -to use it may look over the code for themselves and assure themselves -that the code is trustworthy. In addition, for those who prefer to -rely on a professionally supported product, Kerberos is available as a -product from many different vendors. - -In summary, Kerberos is a solution to your network security problems. -It provides the tools of authentication and strong cryptography over -the network to help you secure your information systems across your -entire enterprise. We hope you find Kerberos as useful as it has been -to us. At MIT, Kerberos has been invaluable to our -Information/Technology architecture. - -Additional information is available from the MIT Kerberos website: -http://web.mit.edu/kerberos/ |