Kerberos survival guide - SPS Ozarks 2010
•Download as PPTX, PDF•
0 likes•932 views
This document provides an overview and agenda for a presentation on Kerberos survival guide. The presentation covers Kerberos logon process, accessing a web site using Kerberos, troubleshooting Kerberos issues, and demonstrations of Kerberos and delegation. It includes definitions of key Kerberos terms like KDC, TGT, and service tickets. Details of the Kerberos protocol that are out of scope are also listed.
Report
Share
Report
Share
![Agenda ,[object Object]](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Recommended
SharePoint Saturday Kansas City - Kerberos Survival Guide
If it were just BI, Kerberos, and you alone in a jungle, would you be able to survive the encounter? You will after you attend this once in a lifetime event! OK…in reality, if you come to this session, you will understand an important component you need to setup Microsoft Business Intelligence solutions with SharePoint and SQL. You will the learn basics of how Kerberos (an authentication protocol) works, when you want to use it, configuration tips, and what delegation is all about.
Kerberos survival guide SPS Kansas City
This document provides an overview and guide to Kerberos authentication. It begins with introductions and an agenda. The agenda covers Kerberos overview, the logon process, accessing a website, troubleshooting Kerberos, and delegation. It then discusses Kerberos details such as dependencies, service principal names, and references. It concludes with a Q&A section and appendix.
Kerberos Survival Guide SPS Chicago
This document provides an overview and guide to Kerberos authentication including:
- The logon process involving the KDC and TGTs
- Accessing a web site using Kerberos and the request for a service ticket
- Common troubleshooting steps like checking SPNs and time sync
- Demos of delegation and forms-based authentication
- References for further Kerberos reading
Kerberos Survival Guide: Columbus 2015
- Kerberos is an authentication protocol that allows clients to prove their identity to servers in a secure manner.
- The logon process involves a client requesting a Ticket Granting Ticket from the Key Distribution Center, which can then be used to request service tickets for specific servers.
- Accessing a web site involves the client sending its Ticket Granting Ticket to the Ticket Granting Service to request a service ticket for the web server, which is then used to authenticate to that server.
- Common issues that can break Kerberos authentication include time synchronization problems, missing or duplicate service principal names, and expired client tickets.
Kerberos survival guide-STL 2015
- Kerberos is an authentication protocol that allows clients to prove their identity to servers in a secure manner. It uses tickets and encryptions to authenticate users and allows authorized access to resources.
- The logon process involves a client getting a ticket-granting ticket from the key distribution center after proving their identity, which can then be used to request service tickets to access specific resources.
- Common issues that can break Kerberos authentication include time synchronization problems, incorrect service principal name configurations, expired tickets, and non-default port configurations.
Kerberos Survival Guide: SharePoint Saturday Nashville 2015
If it were just BI, Kerberos, and you alone in a jungle, would you be able to survive the encounter? You will after you attend this once in a lifetime event! OK…in reality, if you come to this session, you will understand an important component you need to setup Microsoft Business Intelligence solutions with SharePoint and SQL. You will the learn basics of how Kerberos (an authentication protocol) works, when you want to use it, configuration tips, and what delegation is all about.
Kerberos Survival Guide - St. Louis Day of .Net
This document provides an overview and introduction to Kerberos authentication. It discusses the logon process, accessing a web site, troubleshooting Kerberos, and delegation. The presenter JD Wade is a SharePoint consultant who will demonstrate how Kerberos works and common troubleshooting techniques. The agenda includes details on the Kerberos protocol, dependencies, service principal names, and references for further reading.
Kerberos survival guide
The document provides an overview and agenda for a Kerberos survival guide presentation. The presentation will cover the Kerberos logon process, accessing a web site using Kerberos, troubleshooting Kerberos issues, and demonstrations of Kerberos delegation. The presenter will discuss Kerberos concepts like service principal names, dependencies, and troubleshooting techniques. The agenda also includes time for questions and references additional Kerberos resources.
Recommended
SharePoint Saturday Kansas City - Kerberos Survival Guide
If it were just BI, Kerberos, and you alone in a jungle, would you be able to survive the encounter? You will after you attend this once in a lifetime event! OK…in reality, if you come to this session, you will understand an important component you need to setup Microsoft Business Intelligence solutions with SharePoint and SQL. You will the learn basics of how Kerberos (an authentication protocol) works, when you want to use it, configuration tips, and what delegation is all about.
Kerberos survival guide SPS Kansas City
This document provides an overview and guide to Kerberos authentication. It begins with introductions and an agenda. The agenda covers Kerberos overview, the logon process, accessing a website, troubleshooting Kerberos, and delegation. It then discusses Kerberos details such as dependencies, service principal names, and references. It concludes with a Q&A section and appendix.
Kerberos Survival Guide SPS Chicago
This document provides an overview and guide to Kerberos authentication including:
- The logon process involving the KDC and TGTs
- Accessing a web site using Kerberos and the request for a service ticket
- Common troubleshooting steps like checking SPNs and time sync
- Demos of delegation and forms-based authentication
- References for further Kerberos reading
Kerberos Survival Guide: Columbus 2015
- Kerberos is an authentication protocol that allows clients to prove their identity to servers in a secure manner.
- The logon process involves a client requesting a Ticket Granting Ticket from the Key Distribution Center, which can then be used to request service tickets for specific servers.
- Accessing a web site involves the client sending its Ticket Granting Ticket to the Ticket Granting Service to request a service ticket for the web server, which is then used to authenticate to that server.
- Common issues that can break Kerberos authentication include time synchronization problems, missing or duplicate service principal names, and expired client tickets.
Kerberos survival guide-STL 2015
- Kerberos is an authentication protocol that allows clients to prove their identity to servers in a secure manner. It uses tickets and encryptions to authenticate users and allows authorized access to resources.
- The logon process involves a client getting a ticket-granting ticket from the key distribution center after proving their identity, which can then be used to request service tickets to access specific resources.
- Common issues that can break Kerberos authentication include time synchronization problems, incorrect service principal name configurations, expired tickets, and non-default port configurations.
Kerberos Survival Guide: SharePoint Saturday Nashville 2015
If it were just BI, Kerberos, and you alone in a jungle, would you be able to survive the encounter? You will after you attend this once in a lifetime event! OK…in reality, if you come to this session, you will understand an important component you need to setup Microsoft Business Intelligence solutions with SharePoint and SQL. You will the learn basics of how Kerberos (an authentication protocol) works, when you want to use it, configuration tips, and what delegation is all about.
Kerberos Survival Guide - St. Louis Day of .Net
This document provides an overview and introduction to Kerberos authentication. It discusses the logon process, accessing a web site, troubleshooting Kerberos, and delegation. The presenter JD Wade is a SharePoint consultant who will demonstrate how Kerberos works and common troubleshooting techniques. The agenda includes details on the Kerberos protocol, dependencies, service principal names, and references for further reading.
Kerberos survival guide
The document provides an overview and agenda for a Kerberos survival guide presentation. The presentation will cover the Kerberos logon process, accessing a web site using Kerberos, troubleshooting Kerberos issues, and demonstrations of Kerberos delegation. The presenter will discuss Kerberos concepts like service principal names, dependencies, and troubleshooting techniques. The agenda also includes time for questions and references additional Kerberos resources.
Kerberos and its application in cross realm operations
Here are some ways to mitigate DoS attacks on the foreign KDC:
1. Rate limit AS_REQ requests from unknown users. Drop requests above a threshold.
2. Have the foreign KDC cache authentication failures. Subsequent requests from clients with failures are dropped without processing.
3. Implement challenge-response authentication for unknown users. This adds computational cost to requests making large-scale attacks harder.
4. Use client IP address/port to detect and block sources of excessive requests.
5. Implement authentication via the home KDC only for unknown users, offloading work from the foreign KDC.
6. Use techniques like reverse Turing tests to filter out non-human request sources during
SPS Ozarks 2012: Kerberos Survival Guide
This document provides an overview and agenda for a Kerberos survival guide presentation. The presentation will cover Kerberos logon process, accessing a web site using Kerberos, miscellaneous Kerberos information, and complex Kerberos configurations. It includes dependencies, service principal names (SPNs), and troubleshooting tools for Kerberos. The presentation aims to provide essential information about Kerberos without overcomplicating details.
Rakesh raj
This document discusses Kerberos, an authentication system that allows nodes communicating over an insecure network to verify each other's identity. It provides a history of Kerberos, an overview of how it works using tickets and session keys, the roles of various components like the KDC, and advantages like password encryption. Kerberos allows for secure authentication in open network computing environments and has been widely adopted by companies. Public key cryptography also enhances Kerberos by easing key distribution.
Cued click point image based kerberos authentication protocol
The document presents a proposed authentication system that combines cued click point (CCP) graphical passwords with the Kerberos authentication protocol. CCP uses a sequence of images where the user selects one click point per image. This is made more secure through the addition of a sound signature. The system aims to address weaknesses in text passwords by leveraging human memory for visual information. It also utilizes Kerberos to provide network security and mutual authentication between clients and servers. The proposed model would allow administrators to assign user credentials for system access. Users would select a tolerance level and set graphical passwords by choosing images and click points. Their profile would be generated and the entire login process secured using Kerberos authentication.
Kerberos
An introduction to Kerberos technology. Find out how the negotiation process works and why it is considered secure. Learn what are Kerberos realms, how Kerberos authentication works and how authorization process looks like. Look through all the use cases. See how Kerberos is being used in a classical setting and in the HTTP world with SPNEGO protocol.
Kerberos presentation
This document provides an overview of Kerberos authentication, including:
- Kerberos was developed at MIT and adopted as the default authentication protocol in Windows 2000.
- It provides mutual authentication between a client and server based on tickets containing encrypted client credentials.
- The Kerberos Key Distribution Center (KDC) issues encryption keys to authenticate entities using a shared master key.
Kerberos authentication
Deeper understanding of how Kerberos works . This understanding will work as platform to understand various attacks on it. It also show cases how symmetric key algorithm is used for confidentiality. Some references are from shaun harris CISSP books, primarily the components slide
Kerberos
The Kerberos authentication process involves 6 steps:
1. The client requests a ticket-granting ticket (TGT) from the authentication server (AS).
2. The AS issues the client a TGT encrypted with the ticket-granting service (TGS) key.
3. The client uses the TGT to request a service ticket from the TGS for a particular service.
4. The TGS returns a service ticket encrypted with the service's key and the client/TGS session key to the client.
5. The client presents the service ticket to the service to request access.
6. Upon verification, the service provides access to the client.
An Introduction to Kerberos
This document provides a high-level overview of how Kerberos authentication works. It explains that Kerberos uses a trusted third party called the Key Distribution Center (KDC) to mediate authentication between users and services. The KDC distributes session keys to allow communication and verifies users' identities through cryptographic operations. It also describes how Kerberos implements single sign-on through the use of ticket-granting tickets obtained from the KDC. Some advantages of Kerberos include strong authentication without sending passwords over the network and more convenient single sign-on for users.
SSO with kerberos
The document discusses setting up single sign-on authentication across multiple services on a network using Kerberos and LDAP. It describes creating three virtual machines - one as a central Kerberos/LDAP server and the other two as clients and additional servers. Various network services like SSH, FTP, NFS, and IMAP were configured to use Kerberos for authentication by setting up Kerberos tickets, principals, and configuring the services and clients. LDAP was used to store user information while Kerberos provided single sign-on authentication. Thunderbird email client on a client machine could then retrieve email without additional passwords after initial desktop login.
Kerberos
This document provides an overview of Kerberos, including:
- Kerberos is an authentication protocol that uses symmetric encryption and timestamps to allow nodes communicating over an insecure network to verify each other's identity securely.
- It works by having a client first authenticate with an authentication server to obtain a ticket-granting ticket, then uses that ticket to obtain additional tickets for access to other services.
- Kerberos addresses the need for secure authentication in distributed network environments where the workstations themselves cannot be fully trusted.
Kerberos Authentication Protocol
Kerberos is a network authentication protocol that was developed at MIT in the 1980s to allow nodes communicating over an insecure network to verify each other's identity. It uses tickets and session keys to allow clients and servers to communicate over a non-secure network and establish the identity of the users and servers. The Kerberos authentication process involves three main exchanges between the client, authentication server (KDC), and target server to authenticate users and allow access to services.
Kerberos
This document provides an overview of the Kerberos network authentication protocol. It discusses that Kerberos was developed at MIT to allow secure authentication over insecure networks. It provides a high-level overview of how Kerberos uses tickets and session keys to authenticate users and allow access to services without reentering passwords. The document also summarizes the Needham-Schroeder protocol that inspired part of Kerberos' design and discusses some applications and weaknesses of the Kerberos protocol.
Ch15
User authentication is a fundamental security building block that verifies an entity's claimed identity. It involves identification and verification using something the user knows, possesses, is, or does. Authentication protocols are used to establish identity and exchange session keys securely. Kerberos is a widely used trusted third-party authentication system that allows clients to securely authenticate to services across an organization using tickets. Federated identity management allows common authentication across multiple separate enterprises and applications using standards like SAML and WS-Federation.
Kerberos
Kerberos is an authentication protocol. It helps user and server to communicate through authentication server. Learn more about it in this ppt.
Kerberos
This document provides an overview of Kerberos, an authentication protocol used to securely identify clients within a non-secure network. It discusses Kerberos' design which includes clients, a Key Distribution Center (KDC) consisting of an authentication and ticket granting server, and services. It also defines common Kerberos terms and describes how Kerberos works by having the KDC issue tickets to allow clients access to services. Key features of Kerberos include centralized credential management and reduced protocol weaknesses. A limitation is that compromising the KDC puts the entire infrastructure at risk.
Kerberos case study
Kerberos is a network authentication protocol that provides secure authentication for client/server applications. It uses secret-key cryptography and relies on a trusted third party called the Key Distribution Center (KDC) which is aware of all systems on the network. Kerberos introduces tickets that allow a client access to a server after initial authentication with the KDC. The authentication process involves the client receiving a ticket-granting ticket from the KDC and then exchanging messages with the ticket-granting service and target server to gain access.
Kerberos : An Authentication Application
This document presents an overview of Kerberos authentication protocol. Kerberos was developed at MIT to provide strong authentication on insecure networks. It uses a centralized authentication server and relies on symmetric encryption. The document describes the requirements for Kerberos, differences between versions 4 and 5, key concepts like tickets and authenticators, and the message exchanges involved in the authentication process. The strengths of Kerberos are highlighted as mutual authentication between clients and servers without sending passwords in plain text across the network.
Using Kerberos
Kerberos addresses the core needs of authentication, authorization, and auditing for computer and network security. It provides a centralized account repository and uses tickets to verify the identity of users and servers while optionally encrypting communications. Kerberos involves a password being shared between a user and key distribution center (KDC) to obtain initial credentials in the form of a ticket-granting ticket stored in a credentials cache.
SPS Kansas City: What SharePoint Admin need to know about SQL
You will learn how SharePoint is optimized for SQL, how to properly manage and maintain the SharePoint databases, how to optimize the SQL configuration for SharePoint, what settings in SharePoint need to be changed or not changed to maintain SQL Server performance, and supported methods for providing high availability and disaster recovery.
SharePoint Saturday Kansas City - SharePoint 2013's Dirty Little Secrets
The document discusses several "dirty little secrets" about configuring and setting up SharePoint 2013. It notes that SharePoint 2013 has optional software that must be installed for certain features to work properly. It also discusses how to configure SharePoint 2013 to search Exchange and Lync messages and support Access 2013 databases, but that these require non-trivial configurations. The document outlines several other requirements for properly configuring services, workflows, and other elements of a SharePoint 2013 implementation.
Horizons' Event: SharePoint 2013 upgrades-Notes from the Field
This document summarizes best practices for upgrading a SharePoint 2013 environment, including cleaning up before upgrading, performing conversion work, testing the upgrade, resolving any issues, and not forgetting important steps like upgrading content databases. It was presented by JD Wade, a lead SharePoint consultant, at the SharePoint Saturday St. Louis event on January 11, 2014.
More Related Content
What's hot
Kerberos and its application in cross realm operations
Here are some ways to mitigate DoS attacks on the foreign KDC:
1. Rate limit AS_REQ requests from unknown users. Drop requests above a threshold.
2. Have the foreign KDC cache authentication failures. Subsequent requests from clients with failures are dropped without processing.
3. Implement challenge-response authentication for unknown users. This adds computational cost to requests making large-scale attacks harder.
4. Use client IP address/port to detect and block sources of excessive requests.
5. Implement authentication via the home KDC only for unknown users, offloading work from the foreign KDC.
6. Use techniques like reverse Turing tests to filter out non-human request sources during
SPS Ozarks 2012: Kerberos Survival Guide
This document provides an overview and agenda for a Kerberos survival guide presentation. The presentation will cover Kerberos logon process, accessing a web site using Kerberos, miscellaneous Kerberos information, and complex Kerberos configurations. It includes dependencies, service principal names (SPNs), and troubleshooting tools for Kerberos. The presentation aims to provide essential information about Kerberos without overcomplicating details.
Rakesh raj
This document discusses Kerberos, an authentication system that allows nodes communicating over an insecure network to verify each other's identity. It provides a history of Kerberos, an overview of how it works using tickets and session keys, the roles of various components like the KDC, and advantages like password encryption. Kerberos allows for secure authentication in open network computing environments and has been widely adopted by companies. Public key cryptography also enhances Kerberos by easing key distribution.
Cued click point image based kerberos authentication protocol
The document presents a proposed authentication system that combines cued click point (CCP) graphical passwords with the Kerberos authentication protocol. CCP uses a sequence of images where the user selects one click point per image. This is made more secure through the addition of a sound signature. The system aims to address weaknesses in text passwords by leveraging human memory for visual information. It also utilizes Kerberos to provide network security and mutual authentication between clients and servers. The proposed model would allow administrators to assign user credentials for system access. Users would select a tolerance level and set graphical passwords by choosing images and click points. Their profile would be generated and the entire login process secured using Kerberos authentication.
Kerberos
An introduction to Kerberos technology. Find out how the negotiation process works and why it is considered secure. Learn what are Kerberos realms, how Kerberos authentication works and how authorization process looks like. Look through all the use cases. See how Kerberos is being used in a classical setting and in the HTTP world with SPNEGO protocol.
Kerberos presentation
This document provides an overview of Kerberos authentication, including:
- Kerberos was developed at MIT and adopted as the default authentication protocol in Windows 2000.
- It provides mutual authentication between a client and server based on tickets containing encrypted client credentials.
- The Kerberos Key Distribution Center (KDC) issues encryption keys to authenticate entities using a shared master key.
Kerberos authentication
Deeper understanding of how Kerberos works . This understanding will work as platform to understand various attacks on it. It also show cases how symmetric key algorithm is used for confidentiality. Some references are from shaun harris CISSP books, primarily the components slide
Kerberos
The Kerberos authentication process involves 6 steps:
1. The client requests a ticket-granting ticket (TGT) from the authentication server (AS).
2. The AS issues the client a TGT encrypted with the ticket-granting service (TGS) key.
3. The client uses the TGT to request a service ticket from the TGS for a particular service.
4. The TGS returns a service ticket encrypted with the service's key and the client/TGS session key to the client.
5. The client presents the service ticket to the service to request access.
6. Upon verification, the service provides access to the client.
An Introduction to Kerberos
This document provides a high-level overview of how Kerberos authentication works. It explains that Kerberos uses a trusted third party called the Key Distribution Center (KDC) to mediate authentication between users and services. The KDC distributes session keys to allow communication and verifies users' identities through cryptographic operations. It also describes how Kerberos implements single sign-on through the use of ticket-granting tickets obtained from the KDC. Some advantages of Kerberos include strong authentication without sending passwords over the network and more convenient single sign-on for users.
SSO with kerberos
The document discusses setting up single sign-on authentication across multiple services on a network using Kerberos and LDAP. It describes creating three virtual machines - one as a central Kerberos/LDAP server and the other two as clients and additional servers. Various network services like SSH, FTP, NFS, and IMAP were configured to use Kerberos for authentication by setting up Kerberos tickets, principals, and configuring the services and clients. LDAP was used to store user information while Kerberos provided single sign-on authentication. Thunderbird email client on a client machine could then retrieve email without additional passwords after initial desktop login.
Kerberos
This document provides an overview of Kerberos, including:
- Kerberos is an authentication protocol that uses symmetric encryption and timestamps to allow nodes communicating over an insecure network to verify each other's identity securely.
- It works by having a client first authenticate with an authentication server to obtain a ticket-granting ticket, then uses that ticket to obtain additional tickets for access to other services.
- Kerberos addresses the need for secure authentication in distributed network environments where the workstations themselves cannot be fully trusted.
Kerberos Authentication Protocol
Kerberos is a network authentication protocol that was developed at MIT in the 1980s to allow nodes communicating over an insecure network to verify each other's identity. It uses tickets and session keys to allow clients and servers to communicate over a non-secure network and establish the identity of the users and servers. The Kerberos authentication process involves three main exchanges between the client, authentication server (KDC), and target server to authenticate users and allow access to services.
Kerberos
This document provides an overview of the Kerberos network authentication protocol. It discusses that Kerberos was developed at MIT to allow secure authentication over insecure networks. It provides a high-level overview of how Kerberos uses tickets and session keys to authenticate users and allow access to services without reentering passwords. The document also summarizes the Needham-Schroeder protocol that inspired part of Kerberos' design and discusses some applications and weaknesses of the Kerberos protocol.
Ch15
User authentication is a fundamental security building block that verifies an entity's claimed identity. It involves identification and verification using something the user knows, possesses, is, or does. Authentication protocols are used to establish identity and exchange session keys securely. Kerberos is a widely used trusted third-party authentication system that allows clients to securely authenticate to services across an organization using tickets. Federated identity management allows common authentication across multiple separate enterprises and applications using standards like SAML and WS-Federation.
Kerberos
Kerberos is an authentication protocol. It helps user and server to communicate through authentication server. Learn more about it in this ppt.
Kerberos
This document provides an overview of Kerberos, an authentication protocol used to securely identify clients within a non-secure network. It discusses Kerberos' design which includes clients, a Key Distribution Center (KDC) consisting of an authentication and ticket granting server, and services. It also defines common Kerberos terms and describes how Kerberos works by having the KDC issue tickets to allow clients access to services. Key features of Kerberos include centralized credential management and reduced protocol weaknesses. A limitation is that compromising the KDC puts the entire infrastructure at risk.
Kerberos case study
Kerberos is a network authentication protocol that provides secure authentication for client/server applications. It uses secret-key cryptography and relies on a trusted third party called the Key Distribution Center (KDC) which is aware of all systems on the network. Kerberos introduces tickets that allow a client access to a server after initial authentication with the KDC. The authentication process involves the client receiving a ticket-granting ticket from the KDC and then exchanging messages with the ticket-granting service and target server to gain access.
Kerberos : An Authentication Application
This document presents an overview of Kerberos authentication protocol. Kerberos was developed at MIT to provide strong authentication on insecure networks. It uses a centralized authentication server and relies on symmetric encryption. The document describes the requirements for Kerberos, differences between versions 4 and 5, key concepts like tickets and authenticators, and the message exchanges involved in the authentication process. The strengths of Kerberos are highlighted as mutual authentication between clients and servers without sending passwords in plain text across the network.
Using Kerberos
Kerberos addresses the core needs of authentication, authorization, and auditing for computer and network security. It provides a centralized account repository and uses tickets to verify the identity of users and servers while optionally encrypting communications. Kerberos involves a password being shared between a user and key distribution center (KDC) to obtain initial credentials in the form of a ticket-granting ticket stored in a credentials cache.
What's hot (19)
Kerberos and its application in cross realm operations
Kerberos and its application in cross realm operations
Cued click point image based kerberos authentication protocol
Cued click point image based kerberos authentication protocol
Viewers also liked
SPS Kansas City: What SharePoint Admin need to know about SQL
You will learn how SharePoint is optimized for SQL, how to properly manage and maintain the SharePoint databases, how to optimize the SQL configuration for SharePoint, what settings in SharePoint need to be changed or not changed to maintain SQL Server performance, and supported methods for providing high availability and disaster recovery.
SharePoint Saturday Kansas City - SharePoint 2013's Dirty Little Secrets
The document discusses several "dirty little secrets" about configuring and setting up SharePoint 2013. It notes that SharePoint 2013 has optional software that must be installed for certain features to work properly. It also discusses how to configure SharePoint 2013 to search Exchange and Lync messages and support Access 2013 databases, but that these require non-trivial configurations. The document outlines several other requirements for properly configuring services, workflows, and other elements of a SharePoint 2013 implementation.
Horizons' Event: SharePoint 2013 upgrades-Notes from the Field
This document summarizes best practices for upgrading a SharePoint 2013 environment, including cleaning up before upgrading, performing conversion work, testing the upgrade, resolving any issues, and not forgetting important steps like upgrading content databases. It was presented by JD Wade, a lead SharePoint consultant, at the SharePoint Saturday St. Louis event on January 11, 2014.
What SQL DBAs need to know about SharePoint-Kansas City, Sept 2013
This document provides an overview and guidance for SQL DBAs on key topics related to managing databases for SharePoint. It covers SharePoint database types and schema, performance considerations like server setup, database management, and operations. It also discusses high availability and disaster recovery options like clustering, mirroring and AlwaysOn availability groups. Other sections address the SharePoint kitchen sink of applications, business intelligence integration, and remote blob storage.
SharePoint 2010: Business Insights
This document summarizes Microsoft's business intelligence (BI) tools for SharePoint 2010, including Excel, PowerPivot, Excel Services, Visio Services, PerformancePoint, and Reporting Services. It provides an overview of how each tool can be used to gather, analyze, and present business data in SharePoint. The document also outlines new features for some of the tools in areas like multi-user editing, interactive pivot tables, and reporting on SharePoint lists.
SharePoint 2010: Insights into BI
This document discusses Microsoft business intelligence (BI) tools that can be used with SharePoint. It provides an overview of the various MS BI tools including Excel, PowerPivot, Excel Services, Visio Services, PerformancePoint, and Reporting Services. These tools are used to gather, analyze, visualize and report on business data stored in SharePoint lists or external data sources. The document also highlights some new features for each tool in the Microsoft 2010 product releases.
What SQL DBAs need to know about SharePoint-Indianapolis 2013
With the number of deployments of SharePoint exponentially growing every day, as a DBA, it is very likely you are going to have SharePoint databases on SQL Servers you support. This session reviews SharePoint strictly from the SQL Server perspective. You will learn how SharePoint is optimized for SQL, how to properly manage and maintain the SharePoint databases, how to optimize the SQL configuration for SharePoint, what settings in SharePoint need to be changed or not changed to maintain SQL Server performance, supported methods for providing high availability and disaster recovery, and the part SharePoint and SQL each play in the Microsoft Business Intelligence story.
What SharePoint Admins need to know about SQL-Cinncinati
Does you know there are numerous settings changes you should be making on your SQL Server for your SharePoint farm? Do you know there are settings in SharePoint that you should never change if you wish to maintain SQL performance? This session reviews how to properly setup and maintain SQL Server for a SharePoint farm. You will learn how SharePoint is optimized for SQL, how to properly manage and maintain the SharePoint databases, how to optimize the SQL configuration for SharePoint, what settings in SharePoint need to be changed or not changed to maintain SQL Server performance, and supported methods for providing high availability and disaster recovery.
Viewers also liked (8)
SPS Kansas City: What SharePoint Admin need to know about SQL
SPS Kansas City: What SharePoint Admin need to know about SQL
SharePoint Saturday Kansas City - SharePoint 2013's Dirty Little Secrets
SharePoint Saturday Kansas City - SharePoint 2013's Dirty Little Secrets
Horizons' Event: SharePoint 2013 upgrades-Notes from the Field
Horizons' Event: SharePoint 2013 upgrades-Notes from the Field
What SQL DBAs need to know about SharePoint-Kansas City, Sept 2013
What SQL DBAs need to know about SharePoint-Kansas City, Sept 2013
What SQL DBAs need to know about SharePoint-Indianapolis 2013
What SQL DBAs need to know about SharePoint-Indianapolis 2013
What SharePoint Admins need to know about SQL-Cinncinati
What SharePoint Admins need to know about SQL-Cinncinati
Similar to Kerberos survival guide - SPS Ozarks 2010
Kerberos Survival Guide: SharePointalooza
If it were just BI, Kerberos, and you alone in a jungle, would you be able to survive the encounter? You will after you attend this once in a lifetime event! OK…in reality, if you come to this session, you will understand an important component you need to setup Microsoft Business Intelligence solutions with SharePoint and SQL. You will the learn basics of how Kerberos (an authentication protocol) works, when you want to use it, configuration tips, and what delegation is all about.
Technet.microsoft.com
Kerberos is an authentication protocol that allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. It is integral to Windows 2000 Active Directory implementations. The document describes the Kerberos authentication process, which involves an initial authentication service exchange, a ticket-granting service exchange, and a client/server exchange between the user and domain controllers. It also discusses key concepts like tickets, ticket-granting tickets, and how Kerberos handles authentication in mixed and multi-domain environments.
Kerberos
This document discusses Kerberos, a network authentication protocol. It provides a centralized authentication service that allows users to authenticate to services across a network without needing to trust individual workstations. Kerberos uses tickets and encryption to allow mutual authentication between clients and servers. Version 4 uses DES encryption and involves an authentication server and ticket granting server. Version 5 improves on Version 4 by addressing technical and environmental issues.
Deep Dive In To Kerberos
- Kerberos is a network authentication protocol developed at MIT in the 1980s to allow clients and servers to authenticate each other over a non-secure network using symmetric-key cryptography and tickets.
- It uses a central authentication server (Key Distribution Center) to authenticate users and distribute session keys to allow communication between users and services on the network in a secure manner.
- The Kerberos workflow involves a client first authenticating with the KDC to obtain a ticket-granting ticket, then using that to request service tickets from the KDC to access specific services.
Kerberos Authentication and SSO (Single Sign On) mechanism by Siavash Golchoo...
The document discusses authentication using single sign-on (SSO) via Kerberos and delegation. It describes the Kerberos authentication process, which involves a client authenticating to the key distribution center (KDC) and obtaining a ticket-granting ticket (TGT) to access services, without requiring transmission of passwords over the network. Kerberos supports delegation which allows a client to delegate authentication to another service, solving the "double-hop" problem that other authentication methods like NTLM and Digest cannot handle natively.
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
This document provides an overview of modern Active Directory attacks and defenses. It discusses how red teams use tools like Mimikatz and Kerberoasting to escalate privileges by cracking service account passwords and dumping domain credentials from Domain Controllers. It also outlines blue team defenses like LAPS, advanced auditing, and tools like Microsoft Advanced Threat Analytics to detect these attacks. The goal is to help security professionals understand both offensive techniques and defensive best practices for securing Active Directory environments.
Kerberos Security in Distributed Systems
Kerberos is a network authentication protocol that provides single sign-on capabilities for client-server applications by allowing nodes communicating over a non-secure network to prove their identity to one another in a secure manner. It uses tickets and secret session keys to authenticate users and services. When a client wants to access a service, Kerberos issues it a ticket-granting ticket which it can use to obtain service tickets from the ticket granting service. These tickets contain encrypted proofs of the client's identity that can be verified by the service. Kerberos supports cross-realm authentication and uses shared symmetric keys and timestamps to securely authenticate users within distributed systems. While effective, it has some limitations such as increased computation load, single point of failure if the
Kerberos Architecture.pptx
Kerberos is an authentication system that uses tickets and symmetric encryption to allow clients to securely prove their identity. It has a key distribution center (KDC) with an authentication server and ticket granting server. The KDC issues tickets to authenticated clients that can then be used to access services. When a client wants access to a service, it first gets a ticket-granting ticket from the authentication server, then uses that to get a service ticket from the ticket granting server which can be presented to the desired service. This provides secure single sign-on access within the Kerberos domain.
module1 network security.pdf
Kerberos is an authentication system that allows clients to prove their identity to servers in an open distributed system without sending passwords over the network. It uses tickets and authenticators to allow clients to request services from servers. Kerberos Version 5 improves upon Version 4 by allowing for stronger encryption, longer ticket lifetimes, support for multiple protocols, and easier authentication across multiple realms.
Kerberos Architecture.pptx
#SystemArchitecture Series: #Kerberos Architecture Component and communication flow #architecture
#Kerberos is a ticketing-based #authentication #system, based on the use of #symmetric keys. #Kerberos uses tickets to provide #authentication to resources instead of #passwords. This eliminates the threat of #password stealing via #networksniffing. One of the biggest benefits of #Kerberos is its ability to provide single sign-on (#SSO). Once you log into your #Kerberos environment, you will be automatically logged into other applications in the environment.
To help provide a secure environment, #Kerberos makes use of Mutual #Authentication. In Mutual #Authentication, both the #server and the #client must be authenticated. The client knows that the server can be trusted, and the server knows that the client can be trusted. This #authentication helps prevent man-in-the-middle attacks and #spoofing. #Kerberos is also time sensitive. The tickets in a #Kerberosenvironment must be renewed periodically or they will expire.
CISSPills #1.02
CISSPills are short-lasting presentations covering topics to study in order to prepare CISSP exam. CISSPills is a digest of my notes and doesn't want to replace a studybook, it wants to be only just another companion for self-paced students.
Every issue covers different topics of CISSP's CCBK and the goal is addressing all the 10 domains which compose CISSP.
IN THIS ISSUE:
Domain 1: Access Control
- Identity Management
- Centralised vs Decentralised Access Control
- Directories
- Single Sign-On
- Kerberos
- Kerberos Process
- Kerberos Weaknesses
- SESAME
kerb.ppt
This document discusses network security and the Kerberos authentication protocol. It provides an introduction to Kerberos, describing how it works to allow users and services to authenticate over a network. Kerberos uses secret key cryptography and issues tickets to allow users to securely access remote services without sending passwords over the network in clear text. The document outlines the initialization process when a user requests a ticket-granting ticket from the Kerberos server, and how that ticket is then used to request and access remote services. It also discusses some of the limitations of Kerberos and enhancements being made.
IRJET- Secure Kerberos System in Distributed Environment
This document proposes a secure Kerberos system using AES encryption in a distributed environment. Kerberos is an authentication system that allows clients to securely access networked services. The proposed system uses a new sub-session key for communication between clients and servers to prevent attacks. Tickets in this system include explicit start and end times to allow for arbitrary lifetimes. The system architecture includes an authentication server, ticket granting server, and application server. The authentication server issues a ticket-granting ticket to the client, which can then be used to request service tickets from the ticket granting server. These tickets and authentication messages are encrypted using symmetric keys to allow for secure authentication and prevent replay attacks.
Golden Ticket Attack - AD - Domain Persistence
A Golden Ticket attack is a kind of cyberattack targeting the access control privileges of a Windows environment where Active Directory (AD) is in use.
Web Security
SSL and TLS provide secure communication over the internet using encryption. SSL uses public key encryption to establish a secure connection and exchange keys to encrypt data sent between a client and server. It defines sessions which allow parameters like encryption algorithms to be shared for multiple connections. TLS is an updated version of SSL that uses similar record and handshake protocols. SET is an open standard that uses digital certificates and dual signatures to securely conduct credit card transactions over the internet between cardholders, merchants, issuers and payment gateways.
Kerberos Process.pdf
The Kerberos authentication process involves 11 steps where the client authenticates with an authentication server (AS) to obtain a ticket-granting ticket (TGT), which is then used to authenticate with a ticket-granting server (TGS) to get a service ticket for a specific service. The TGS and service both verify the ticket and authenticate the client by decrypting messages encrypted with shared session keys. The AS, TGS, and services all rely on keys stored in a central database managed by the key distribution center (KDC) to verify tickets and authenticate clients.
Kerberos Protocol
Kerberos is a computer network authentication protocol which works on the basis of 'tickets' to allow
nodes communicating over a non-secure network to prove their identity to one another in a secure
manner. Its designers aimed it primarily at a client–server model and it provides mutual
authentication—both the user and the server verify each other's identity. Kerberos protocol messages
are protected against eavesdropping and replay attacks.
Week3 lecture
This document provides an overview of a lecture on access control. It covers several topics:
- Access control authentication methods like passwords, tokens, and biometrics. As well as single sign-on and Kerberos.
- Access control models including DAC, MAC, and RMAC.
- Types of access control including technical, physical, and administrative controls.
- Authentication concepts like verifying identity, authorization, and limiting actions. Password risks and controls are also discussed.
SSL-image
SSL handshake involves the following steps:
1. The client sends a client hello with SSL version, random data, session ID, and cipher details.
2. The server responds with a server hello containing SSL version, random data, session ID, cipher, and certificate. It may also request client authentication.
3. If requested, the client sends its certificate and generates a premaster secret to establish encrypted communication.
Similar to Kerberos survival guide - SPS Ozarks 2010 (20)
Kerberos Authentication and SSO (Single Sign On) mechanism by Siavash Golchoo...
Kerberos Authentication and SSO (Single Sign On) mechanism by Siavash Golchoo...
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
IRJET- Secure Kerberos System in Distributed Environment
IRJET- Secure Kerberos System in Distributed Environment
More from J.D. Wade
Cloud Security Fundamentals - St. Louis O365 Users Group
This session will provide key Microsoft cloud security standards which will allow you to maximize your organization's security posture using existing licenses, align with Microsoft's cloud security strategy, and reduce attack surface from legacy technologies. The adoption of core cloud security standards included in this discussion are how to establish single sign-on, how to only allow modern authentication, what are trusted identities and trusted devices, how to classify and protect content, and how to monitor and report on security and breaches. All of this discussion will be done in mind with usage occurring on a zero trust network.
Connected at the hip for MS BI: SharePoint and SQL
This document summarizes a presentation about connecting SharePoint and SQL using Microsoft Business Intelligence (BI) tools. It discusses SQL Reporting Services and SQL Analysis Services integrated with SharePoint, including supported versions. It also covers topics like delegation and Kerberos authentication required to share data across servers and domains. The presentation provides an overview of configurations and components involved in setting up these Microsoft BI solutions integrated with SharePoint and SQL.
What SQL DBA's need to know about SharePoint
With the number of deployments of SharePoint exponentially growing every day, as a DBA, it is very likely you are going to have SharePoint databases on SQL Servers you support. This session reviews SharePoint strictly from the SQL Server perspective. You will learn how SharePoint is optimized for SQL, how to properly manage and maintain the SharePoint databases, how to optimize the SQL configuration for SharePoint, what settings in SharePoint need to be changed or not changed to maintain SQL Server performance, and supported methods for providing high availability and disaster recovery.
SharePoint Saturday St. Louis 2014: What SharePoint Admins need to know about...
You will learn how SharePoint is optimized for SQL, how to properly manage and maintain the SharePoint databases, how to optimize the SQL configuration for SharePoint, what settings in SharePoint need to be changed or not changed to maintain SQL Server performance, and supported methods for providing high availability and disaster recovery.
SPS St. Louis: SharePoint 2013 upgrades: Notes from the Field
The document summarizes a presentation on SharePoint 2013 upgrades. It includes an agenda that covers cleaning up the existing environment, conversion work, testing upgrades, resolving issues, and detective work. It also provides information on how to evaluate sessions using a mobile app and thanks sponsors of the SharePoint Saturday event.
What SQL DBA's need to know about SharePoint-St. Louis 2013
With the number of deployments of SharePoint exponentially growing every day, as a DBA, it is very likely you are going to have SharePoint databases on SQL Servers you support. This session reviews SharePoint strictly from the SQL Server perspective. You will learn how SharePoint is optimized for SQL, how to properly manage and maintain the SharePoint databases, how to optimize the SQL configuration for SharePoint, what settings in SharePoint need to be changed or not changed to maintain SQL Server performance, supported methods for providing high availability and disaster recovery, and the part SharePoint and SQL each play in the Microsoft Business Intelligence story.
What SQL DBAs need to know about SharePoint
This document discusses what SQL DBAs need to know about implementing and managing SharePoint databases. It covers topics such as the SQL implementation challenges in SharePoint, recommended database configuration including storage, sizing, and high availability options. It also discusses maintenance best practices for SharePoint databases such as monitoring, integrity checks, index maintenance and shrinking databases. Upcoming enhancements in SharePoint 2010 that improve SQL integration are also mentioned.
SharePoint 2010: Insights into BI
The document discusses business intelligence (BI) tools in SharePoint 2010, including Excel, PowerPivot, Excel Services, Visio Services, PerformancePoint, and Reporting Services. It provides an overview of each tool's purpose and some new features in SharePoint 2010, such as interactive PivotTables in Excel Services and improved scorecards in PerformancePoint. The document concludes with a call for questions.
SharePoint 2010 IT Pro Overview
IT Pro Value in SharePoint 2010 includes scalable infrastructure, simplified deployment, and security features without overhead for IT. The product provides predictable upgrades, logging and monitoring, and aims to get ahead of issues through features like the health analyzer. The developer dashboard allows monitoring of page performance and has various states that can be toggled via STSADM commands. SharePoint 2010 uses a service application architecture with services like search and user profiles that can be deployed separately from web front ends. Granular backup options are available in the central administration site or via PowerShell.
Internet And Facebook Safety
This document provides safety tips for internet and Facebook use. It recommends communicating with children about safety, learning about the sites they use, and being involved by understanding what they do online and monitoring their activities. Specific tips include using parental control software, maintaining age-appropriate privacy levels for social media, and educating children about protecting personal information and using strong passwords. Resources are also listed to help parents and children learn about internet safety.
More from J.D. Wade (10)
Cloud Security Fundamentals - St. Louis O365 Users Group
Cloud Security Fundamentals - St. Louis O365 Users Group
Connected at the hip for MS BI: SharePoint and SQL
Connected at the hip for MS BI: SharePoint and SQL
SharePoint Saturday St. Louis 2014: What SharePoint Admins need to know about...
SharePoint Saturday St. Louis 2014: What SharePoint Admins need to know about...
SPS St. Louis: SharePoint 2013 upgrades: Notes from the Field
SPS St. Louis: SharePoint 2013 upgrades: Notes from the Field
What SQL DBA's need to know about SharePoint-St. Louis 2013
What SQL DBA's need to know about SharePoint-St. Louis 2013
Recently uploaded
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Full-RAG: A modern architecture for hyper-personalization
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
GridMate - End to end testing is a critical piece to ensure quality and avoid...
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentationsDevOps and Testing slides at DASA Connect
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
UiPath Test Automation using UiPath Test Suite series, part 6
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Securing your Kubernetes cluster_ a step-by-step guide to success !
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
UiPath Test Automation using UiPath Test Suite series, part 5
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Epistemic Interaction - tuning interfaces to provide information for AI support
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Recently uploaded (20)
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Kerberos survival guide - SPS Ozarks 2010
- 1. Kerberos Survival Guide Presented by: JD Wade, SharePoint Consultant, MCITP Mail: jd.wade@hrizns.com Blog: http://wadingthrough.wordpress.com LinkedIn: JD Wade Twitter: http://twitter.com/JDWade
- 4. Accessing a Web Site
- 10. Keys
- 11. Authenticator
- 12. TGT Structure
- 16. Dependencies SPN
- 18. Service Principal Name Service Class Host Name Port
- 19. Service Classes allowed by host alerter http policyagent scm appmgmt ias protectedstorage seclogon browser iisad rasman snmp cifs min remoteaccess spooler cisvc messenger replicator Tapisrv clipsrv msiserver rpc time dcom mcsvc rpclocator trksvr dhcp netdde rpcss trkwks dmserver netddedsm rsvp ups dns netlogon samss w3svc dnscache netman scardsvr wins eventlog nmagent scesrv www eventsystem oakley Schedule fax plugplay
- 22. Interoperability
- 25. KDC AS
- 26. KDC AS
- 27. KDC TGS AS SPN
- 28. KDC TGS
- 29. Access Web Site
- 30. 401
- 31. SPN
- 33. <system.webServer> <security> <authentication> <windowsAuthentication enabled="true" useAppPoolCredentials="true" /> </authentication> </security></system.webServer>
- 35. Troubleshooting
- 37. Demos
- 38. Delegation
- 40. FBA Kerberos
- 42. What Is Kerberos Authentication?http://technet.microsoft.com/en-us/library/cc780469%28WS.10%29.aspx
- 43. How the Kerberos Version 5 Authentication Protocol Workshttp://technet.microsoft.com/en-us/library/cc772815%28WS.10%29.aspx
- 45. How To: Use Protocol Transition and Constrained Delegation in ASP.NET 2.0http://msdn.microsoft.com/en-us/library/ff649317.aspx
- 47. Appendix
- 49. Authentication is the process of proving your identity to a remote system.
- 50. Your identity is who you are, and authentication is the process of proving that. In many systems your identity is your username, and you use a secret shared between you and the remote system (a password) to prove that your identity.
- 51. User password is encrypted as the user key. User key is stored in credentials cache. Once the logon session key is received, the user key is discarded.
- 52. Service password is encrypted as the service key.
- 54. Another reason for simplification: encryption upon encryption upon encryption…just remember it is encrypted
- 55. This is a Windows-centric Kerberos presentation
- 56. Load balanced solutions need service account
- 57. All web applications hosted using the same SPN have to be hosted with the same account
- 59. Key Distribution Center (KDC) – In Windows AD, KDC lives on domain controllers (DC), KDCs share a long term key across all DCs.
- 60. KDC security account database – In Windows, it is Active Directory
- 61. Authorization Service (AS) – part of the KDC
- 62. Ticket Granting Service (TGS) – part of the KDC
- 64. A user's initial ticket from the authentication service
- 65. Used to request service tickets
- 66. Meant only for use by the ticket-granting service.
- 67. Service ticket for the KDC (service class = krbtgt)
- 68. Service Ticket
- 70. SetSPN
- 72. Windows 2008 ADUC or ADSIEdit
- 75. IIS Logs and IIS7 Failed Request Tracing
- 76. LDP
- 77. Kerberos Logging
- 79. Have user logon and logoff if they don’t regularly: TGTs are only renewable for so long and then they expire (7 day default), then password has to be re-entered.
- 81. Missing SPN
- 82. Duplicate SPN
- 83. SPN assigned to wrong service account
- 84. Times are out of sync
- 85. Client TGT expired (7 days)