Unfortunately I'm not necessarily familiar enough to know if I'm seeing the
"correct" tickets. I am seeing 6 packets, with the first 4 directed
to/from port 88 and the last 2 directed to/from 464:

PKT 1: Client Name (Principal): brocka, Realm: STERLINGCGI.COM, Server Name (Principal): kadmin/changepw, KRB5 AS-REQ
PKT 2: Client Name (Principal): brocka, Realm: STERLINGCGI.COM, Server Name (Principal): kadmin/changepw, KRB5 KRB Error: KRB5KDC_ERR_PREAUTH_REQUIRED
PKT 3: Client Name (Principal): brocka, Realm: STERLINGCGI.COM, Server Name (Principal): kadmin/changepw, KRB5 AS-REQ
PKT 4: Client Name (Principal): brocka, Realm: STERLINGCGI.COM, Server Name (Principal): kadmin/changepw, KRB5 AS-REP

Then I see:

PKT 5: Tkt-vno: 5, Realm: STERLINGCGI.COM, Server Name (Principal): kadmin/changepw, KPASSWD Reply
PKT 6: KPASSWD Reply[Malformed Packet]

It's interesting to note that I can see in the "text" field of Wireshark for
the "[Malformed Packet: Kpasswd]" the words "SCGROUP.ORG", "kadmin",
"changepw" and "Failed reading application request". However, obviously,
Wireshark didn't seem to understand the contents of the packet. Other than
this anomaly, the REALM looks good to me.

I'm also attaching a "text" export of the packet capture from Wireshark.

Tony

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Behalf Of Markus Moeller
> Sent: Monday, September 24, 2007 1:39 PM
> To: [email protected]
> Subject: Re: Problems with kadmind, kpasswd and cross-realm
> authentication
>
>
> What do you see when you capture the traffic with wireshark on port 88 and
> 464? Do you see the correct kadmin/[EMAIL PROTECTED] tickets?
>
> Markus
>
> "Anthony Brock" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
> >> -----Original Message-----
> >> Any ideas?
> >>
> >> The man page states that kadmind should be able to change passwords for
> >> any realms that have an associated kadmin/changepw@<REALM> and
> >> kadmin/admin@<REALM> principal. Is this still true? Or has support for
> >> this functionality been dropped? If not, what debugging can be performed
> >> to identify the cause of the issue?
> >>
> >> Ideas?
> >>
> >> Tony
> >
> > Given that it's been 3 weeks and nobody has any suggestions for further
> > troubleshooting or identifying the issue, should this be submitted as a
> > bug in kadmind? If so, how do I submit it? Is there a documented process
> > for this?
> >
> > Also, are there any suggested workarounds? I've seen references from 2004
> > to people running a separate kadmind daemon for each realm using different
> > port numbers. Is this safe against a single db? If not, how do you migrate
> > a realm out of the default db into a separate db files?
> >
> > Thanks!
> >
> > Tony
> >
>
>
> ________________________________________________
> Kerberos mailing list [email protected]
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
No. Time Source Destination Protocol Info
1 0.000000 10.0.1.8 10.0.1.7 KRB5 AS-REQ
Frame 1 (215 bytes on wire, 215 bytes captured)
Arrival Time: Sep 24, 2007 14:58:14.130291000
[Time delta from previous captured frame: 0.000000000 seconds]
[Time delta from previous displayed frame: 0.000000000 seconds]
[Time since reference or first frame: 0.000000000 seconds]
Frame Number: 1
Frame Length: 215 bytes
Capture Length: 215 bytes
[Frame is marked: False]
[Protocols in frame: eth:ip:udp:kerberos]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08), Dst: fe:fd:0a:00:01:07
(fe:fd:0a:00:01:07)
Destination: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07)
Address: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..1. .... .... .... .... = LG bit: Locally administered address
(this is NOT the factory default)
Source: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08)
Address: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..1. .... .... .... .... = LG bit: Locally administered address
(this is NOT the factory default)
Type: IP (0x0800)
Internet Protocol, Src: 10.0.1.8 (10.0.1.8), Dst: 10.0.1.7 (10.0.1.7)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 201
Identification: 0x8a2b (35371)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x99ea [correct]
[Good: True]
[Bad : False]
Source: 10.0.1.8 (10.0.1.8)
Destination: 10.0.1.7 (10.0.1.7)
User Datagram Protocol, Src Port: 2107 (2107), Dst Port: kerberos (88)
Source port: 2107 (2107)
Destination port: kerberos (88)
Length: 181
Checksum: 0x80a4 [correct]
[Good Checksum: True]
[Bad Checksum: False]
Kerberos AS-REQ
Pvno: 5
MSG Type: AS-REQ (10)
KDC_REQ_BODY
Padding: 0
KDCOptions: 00000010 (Renewable OK)
.0.. .... .... .... .... .... .... .... = Forwardable: Do NOT use
forwardable tickets
..0. .... .... .... .... .... .... .... = Forwarded: This is NOT a
forwarded ticket
...0 .... .... .... .... .... .... .... = Proxyable: Do NOT use
proxiable tickets
.... 0... .... .... .... .... .... .... = Proxy: This ticket has
NOT been proxied
.... .0.. .... .... .... .... .... .... = Allow Postdate: We do NOT
allow the ticket to be postdated
.... ..0. .... .... .... .... .... .... = Postdated: This ticket is
NOT postdated
.... .... 0... .... .... .... .... .... = Renewable: This ticket is
NOT renewable
.... .... ...0 .... .... .... .... .... = Opt HW Auth: False
.... .... .... ..0. .... .... .... .... = Constrained Delegation:
This is a normal request (no constrained delegation)
.... .... .... ...0 .... .... .... .... = Canonicalize: This is NOT
a canonicalized ticket request
.... .... .... .... .... .... ..0. .... = Disable Transited Check:
Transited checking is NOT disabled
.... .... .... .... .... .... ...1 .... = Renewable OK: We accept
RENEWED tickets
.... .... .... .... .... .... .... 0... = Enc-Tkt-in-Skey: Do NOT
encrypt the tkt inside the skey
.... .... .... .... .... .... .... ..0. = Renew: This is NOT a
request to renew a ticket
.... .... .... .... .... .... .... ...0 = Validate: This is NOT a
request to validate a postdated ticket
Client Name (Principal): brocka
Name-type: Principal (1)
Name: brocka
Realm: STERLINGCGI.COM
Server Name (Principal): kadmin/changepw
Name-type: Principal (1)
Name: kadmin
Name: changepw
from: 2007-09-24 21:58:14 (Z)
till: 2007-09-24 22:03:14 (Z)
Nonce: 1190671094
Encryption Types: aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
des3-cbc-sha1 rc4-hmac des-cbc-crc des-cbc-md5 des-cbc-md4
Encryption type: aes256-cts-hmac-sha1-96 (18)
Encryption type: aes128-cts-hmac-sha1-96 (17)
Encryption type: des3-cbc-sha1 (16)
Encryption type: rc4-hmac (23)
Encryption type: des-cbc-crc (1)
Encryption type: des-cbc-md5 (3)
Encryption type: des-cbc-md4 (2)
No. Time Source Destination Protocol Info
2 0.011316 10.0.1.7 10.0.1.8 KRB5 KRB
Error: KRB5KDC_ERR_PREAUTH_REQUIRED
Frame 2 (369 bytes on wire, 369 bytes captured)
Arrival Time: Sep 24, 2007 14:58:14.141607000
[Time delta from previous captured frame: 0.011316000 seconds]
[Time delta from previous displayed frame: 0.011316000 seconds]
[Time since reference or first frame: 0.011316000 seconds]
Frame Number: 2
Frame Length: 369 bytes
Capture Length: 369 bytes
[Frame is marked: False]
[Protocols in frame: eth:ip:udp:kerberos]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07), Dst: fe:fd:0a:00:01:08
(fe:fd:0a:00:01:08)
Destination: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08)
Address: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..1. .... .... .... .... = LG bit: Locally administered address
(this is NOT the factory default)
Source: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07)
Address: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..1. .... .... .... .... = LG bit: Locally administered address
(this is NOT the factory default)
Type: IP (0x0800)
Internet Protocol, Src: 10.0.1.7 (10.0.1.7), Dst: 10.0.1.8 (10.0.1.8)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 355
Identification: 0x0000 (0)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x237c [correct]
[Good: True]
[Bad : False]
Source: 10.0.1.7 (10.0.1.7)
Destination: 10.0.1.8 (10.0.1.8)
User Datagram Protocol, Src Port: kerberos (88), Dst Port: 2107 (2107)
Source port: kerberos (88)
Destination port: 2107 (2107)
Length: 335
Checksum: 0xfc36 [correct]
[Good Checksum: True]
[Bad Checksum: False]
Kerberos KRB-ERROR
Pvno: 5
MSG Type: KRB-ERROR (30)
ctime: 2007-09-24 21:58:14 (Z)
stime: 2007-09-24 21:58:14 (Z)
susec: 141235
error_code: KRB5KDC_ERR_PREAUTH_REQUIRED (25)
Client Realm: STERLINGCGI.COM
Client Name (Principal): brocka
Name-type: Principal (1)
Name: brocka
Realm: STERLINGCGI.COM
Server Name (Principal): kadmin/changepw
Name-type: Principal (1)
Name: kadmin
Name: changepw
e-text: NEEDED_PREAUTH
e-data
padata: PA-ENC-TIMESTAMP PA-ENCTYPE-INFO2 PA-SAM-RESPONSE
Type: PA-ENC-TIMESTAMP (2)
Value: <MISSING>
Type: PA-ENCTYPE-INFO2 (19)
Value: 306A3005A0030201103005A0030201013005A00302010330...
des3-cbc-sha1 des-cbc-crc des-cbc-md5 des-cbc-md5 des-cbc-md5 des-cbc-md5
des-cbc-md5
Encryption type: des3-cbc-sha1 (16)
Encryption type: des-cbc-crc (1)
Encryption type: des-cbc-md5 (3)
Encryption type: des-cbc-md5 (3)
Salt: <MISSING>
Encryption type: des-cbc-md5 (3)
Salt: 62726F636B61
Encryption type: des-cbc-md5 (3)
Salt: 535445524C494E474347492E434F4D
Encryption type: des-cbc-md5 (3)
Salt: 535445524C494E474347492E434F4D
Salt: 01
Type: PA-SAM-RESPONSE (13)
Value: <MISSING>
No. Time Source Destination Protocol Info
3 3.832869 10.0.1.8 10.0.1.7 KRB5 AS-REQ
Frame 3 (302 bytes on wire, 302 bytes captured)
Arrival Time: Sep 24, 2007 14:58:17.963160000
[Time delta from previous captured frame: 3.821553000 seconds]
[Time delta from previous displayed frame: 3.821553000 seconds]
[Time since reference or first frame: 3.832869000 seconds]
Frame Number: 3
Frame Length: 302 bytes
Capture Length: 302 bytes
[Frame is marked: False]
[Protocols in frame: eth:ip:udp:kerberos]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08), Dst: fe:fd:0a:00:01:07
(fe:fd:0a:00:01:07)
Destination: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07)
Address: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..1. .... .... .... .... = LG bit: Locally administered address
(this is NOT the factory default)
Source: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08)
Address: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..1. .... .... .... .... = LG bit: Locally administered address
(this is NOT the factory default)
Type: IP (0x0800)
Internet Protocol, Src: 10.0.1.8 (10.0.1.8), Dst: 10.0.1.7 (10.0.1.7)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 288
Identification: 0x8bac (35756)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x9812 [correct]
[Good: True]
[Bad : False]
Source: 10.0.1.8 (10.0.1.8)
Destination: 10.0.1.7 (10.0.1.7)
User Datagram Protocol, Src Port: 2107 (2107), Dst Port: kerberos (88)
Source port: 2107 (2107)
Destination port: kerberos (88)
Length: 268
Checksum: 0x1c3e [correct]
[Good Checksum: True]
[Bad Checksum: False]
Kerberos AS-REQ
Pvno: 5
MSG Type: AS-REQ (10)
padata: PA-ENC-TIMESTAMP
Type: PA-ENC-TIMESTAMP (2)
Value: 3045A003020110A23E043C4BAFBF1CE24B22DE02D0122BB6...
des3-cbc-sha1
Encryption type: des3-cbc-sha1 (16)
enc PA_ENC_TIMESTAMP:
4BAFBF1CE24B22DE02D0122BB6D0121DAF5C4F92A4172EC3...
KDC_REQ_BODY
Padding: 0
KDCOptions: 00000010 (Renewable OK)
.0.. .... .... .... .... .... .... .... = Forwardable: Do NOT use
forwardable tickets
..0. .... .... .... .... .... .... .... = Forwarded: This is NOT a
forwarded ticket
...0 .... .... .... .... .... .... .... = Proxyable: Do NOT use
proxiable tickets
.... 0... .... .... .... .... .... .... = Proxy: This ticket has
NOT been proxied
.... .0.. .... .... .... .... .... .... = Allow Postdate: We do NOT
allow the ticket to be postdated
.... ..0. .... .... .... .... .... .... = Postdated: This ticket is
NOT postdated
.... .... 0... .... .... .... .... .... = Renewable: This ticket is
NOT renewable
.... .... ...0 .... .... .... .... .... = Opt HW Auth: False
.... .... .... ..0. .... .... .... .... = Constrained Delegation:
This is a normal request (no constrained delegation)
.... .... .... ...0 .... .... .... .... = Canonicalize: This is NOT
a canonicalized ticket request
.... .... .... .... .... .... ..0. .... = Disable Transited Check:
Transited checking is NOT disabled
.... .... .... .... .... .... ...1 .... = Renewable OK: We accept
RENEWED tickets
.... .... .... .... .... .... .... 0... = Enc-Tkt-in-Skey: Do NOT
encrypt the tkt inside the skey
.... .... .... .... .... .... .... ..0. = Renew: This is NOT a
request to renew a ticket
.... .... .... .... .... .... .... ...0 = Validate: This is NOT a
request to validate a postdated ticket
Client Name (Principal): brocka
Name-type: Principal (1)
Name: brocka
Realm: STERLINGCGI.COM
Server Name (Principal): kadmin/changepw
Name-type: Principal (1)
Name: kadmin
Name: changepw
from: 2007-09-24 21:58:14 (Z)
till: 2007-09-24 22:03:14 (Z)
Nonce: 1190671094
Encryption Types: aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
des3-cbc-sha1 rc4-hmac des-cbc-crc des-cbc-md5 des-cbc-md4
Encryption type: aes256-cts-hmac-sha1-96 (18)
Encryption type: aes128-cts-hmac-sha1-96 (17)
Encryption type: des3-cbc-sha1 (16)
Encryption type: rc4-hmac (23)
Encryption type: des-cbc-crc (1)
Encryption type: des-cbc-md5 (3)
Encryption type: des-cbc-md4 (2)
No. Time Source Destination Protocol Info
4 3.837799 10.0.1.7 10.0.1.8 KRB5 AS-REP
Frame 4 (611 bytes on wire, 611 bytes captured)
Arrival Time: Sep 24, 2007 14:58:17.968090000
[Time delta from previous captured frame: 0.004930000 seconds]
[Time delta from previous displayed frame: 0.004930000 seconds]
[Time since reference or first frame: 3.837799000 seconds]
Frame Number: 4
Frame Length: 611 bytes
Capture Length: 611 bytes
[Frame is marked: False]
[Protocols in frame: eth:ip:udp:kerberos]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07), Dst: fe:fd:0a:00:01:08
(fe:fd:0a:00:01:08)
Destination: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08)
Address: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..1. .... .... .... .... = LG bit: Locally administered address
(this is NOT the factory default)
Source: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07)
Address: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..1. .... .... .... .... = LG bit: Locally administered address
(this is NOT the factory default)
Type: IP (0x0800)
Internet Protocol, Src: 10.0.1.7 (10.0.1.7), Dst: 10.0.1.8 (10.0.1.8)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 597
Identification: 0x0000 (0)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x228a [correct]
[Good: True]
[Bad : False]
Source: 10.0.1.7 (10.0.1.7)
Destination: 10.0.1.8 (10.0.1.8)
User Datagram Protocol, Src Port: kerberos (88), Dst Port: 2107 (2107)
Source port: kerberos (88)
Destination port: 2107 (2107)
Length: 577
Checksum: 0x2d61 [correct]
[Good Checksum: True]
[Bad Checksum: False]
Kerberos AS-REP
Pvno: 5
MSG Type: AS-REP (11)
padata: PA-ENCTYPE-INFO2
Type: PA-ENCTYPE-INFO2 (19)
Value: 30073005A003020110 des3-cbc-sha1
Encryption type: des3-cbc-sha1 (16)
Client Realm: STERLINGCGI.COM
Client Name (Principal): brocka
Name-type: Principal (1)
Name: brocka
Ticket
Tkt-vno: 5
Realm: STERLINGCGI.COM
Server Name (Principal): kadmin/changepw
Name-type: Principal (1)
Name: kadmin
Name: changepw
enc-part des3-cbc-sha1
Encryption type: des3-cbc-sha1 (16)
Kvno: 3
enc-part: 8C7CDA0A07D024123A08EEA1ED5B6100FE109DD3BFC60F01...
enc-part des3-cbc-sha1
Encryption type: des3-cbc-sha1 (16)
enc-part: 440AAF09E6C7C8F9DA0D97C515AC128D43BBCBCE344D4ADE...
No. Time Source Destination Protocol Info
5 9.164700 10.0.1.8 10.0.1.7 KPASSWD Reply
Frame 5 (585 bytes on wire, 585 bytes captured)
Arrival Time: Sep 24, 2007 14:58:23.294991000
[Time delta from previous captured frame: 5.326901000 seconds]
[Time delta from previous displayed frame: 5.326901000 seconds]
[Time since reference or first frame: 9.164700000 seconds]
Frame Number: 5
Frame Length: 585 bytes
Capture Length: 585 bytes
[Frame is marked: False]
[Protocols in frame: eth:ip:udp:kpasswd]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08), Dst: fe:fd:0a:00:01:07
(fe:fd:0a:00:01:07)
Destination: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07)
Address: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..1. .... .... .... .... = LG bit: Locally administered address
(this is NOT the factory default)
Source: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08)
Address: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..1. .... .... .... .... = LG bit: Locally administered address
(this is NOT the factory default)
Type: IP (0x0800)
Internet Protocol, Src: 10.0.1.8 (10.0.1.8), Dst: 10.0.1.7 (10.0.1.7)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 571
Identification: 0x8dc3 (36291)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x94e0 [correct]
[Good: True]
[Bad : False]
Source: 10.0.1.8 (10.0.1.8)
Destination: 10.0.1.7 (10.0.1.7)
User Datagram Protocol, Src Port: 2107 (2107), Dst Port: kpasswd (464)
Source port: 2107 (2107)
Destination port: kpasswd (464)
Length: 551
Checksum: 0xcec9 [correct]
[Good Checksum: True]
[Bad Checksum: False]
MS Kpasswd
Message Length: 543
Version: Reply (0x0001)
AP_REQ Length: 442
AP_REQ
Kerberos AP-REQ
Pvno: 5
MSG Type: AP-REQ (14)
Padding: 0
APOptions: 00000000
.0.. .... .... .... .... .... .... .... = Use Session Key: Do
NOT use the session key to encrypt the ticket
..0. .... .... .... .... .... .... .... = Mutual required:
Mutual authentication is NOT required
Ticket
Tkt-vno: 5
Realm: STERLINGCGI.COM
Server Name (Principal): kadmin/changepw
Name-type: Principal (1)
Name: kadmin
Name: changepw
enc-part des3-cbc-sha1
Encryption type: des3-cbc-sha1 (16)
Kvno: 3
enc-part:
8C7CDA0A07D024123A08EEA1ED5B6100FE109DD3BFC60F01...
Authenticator des3-cbc-sha1
Encryption type: des3-cbc-sha1 (16)
Authenticator data:
3CFD985919A44CB563EAC1C7842F070DF36FC95A58DA2188...
KRB-PRIV
Kerberos
PRIV_BODY KRB-PRIV
Pvno: 5
MSG Type: KRB-PRIV (21)
enc PRIV: A003020110A2460444B7F93E83DF9874269A1D151E6BB5CF...
des3-cbc-sha1
Encryption type: des3-cbc-sha1 (16)
Encrypted PRIV
No. Time Source Destination Protocol Info
6 9.168368 10.0.1.7 10.0.1.8 KPASSWD
Reply[Malformed Packet]
Frame 6 (177 bytes on wire, 177 bytes captured)
Arrival Time: Sep 24, 2007 14:58:23.298659000
[Time delta from previous captured frame: 0.003668000 seconds]
[Time delta from previous displayed frame: 0.003668000 seconds]
[Time since reference or first frame: 9.168368000 seconds]
Frame Number: 6
Frame Length: 177 bytes
Capture Length: 177 bytes
[Frame is marked: False]
[Protocols in frame: eth:ip:udp:kpasswd]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07), Dst: fe:fd:0a:00:01:08
(fe:fd:0a:00:01:08)
Destination: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08)
Address: fe:fd:0a:00:01:08 (fe:fd:0a:00:01:08)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..1. .... .... .... .... = LG bit: Locally administered address
(this is NOT the factory default)
Source: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07)
Address: fe:fd:0a:00:01:07 (fe:fd:0a:00:01:07)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..1. .... .... .... .... = LG bit: Locally administered address
(this is NOT the factory default)
Type: IP (0x0800)
Internet Protocol, Src: 10.0.1.7 (10.0.1.7), Dst: 10.0.1.8 (10.0.1.8)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 163
Identification: 0x0000 (0)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x243c [correct]
[Good: True]
[Bad : False]
Source: 10.0.1.7 (10.0.1.7)
Destination: 10.0.1.8 (10.0.1.8)
User Datagram Protocol, Src Port: kpasswd (464), Dst Port: 2107 (2107)
Source port: kpasswd (464)
Destination port: 2107 (2107)
Length: 143
Checksum: 0xa9ad [correct]
[Good Checksum: True]
[Bad Checksum: False]
MS Kpasswd
Message Length: 135
Version: Reply (0x0001)
AP_REQ Length: 0
[Malformed Packet: Kpasswd]
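
Frame 6 above shows "AP_REQ Length: 0"; in the kpasswd framing defined by RFC 3244, a reply whose AP-REP length is zero carries a KRB-ERROR in place of the KRB-PRIV. The following is an added example, not part of the original post or of MIT Kerberos, that splits a kpasswd UDP payload into those fields and classifies what follows the AP data. The two payloads are constructed from the lengths shown in frames 5 and 6, with filler bytes standing in for the real Kerberos message bodies.

```python
import struct

# Outer ASN.1 application tags (0x60 | message type) of the Kerberos
# messages that can appear inside a kpasswd datagram (RFC 4120 types).
KRB_TAGS = {0x6E: "AP-REQ", 0x6F: "AP-REP", 0x75: "KRB-PRIV", 0x7E: "KRB-ERROR"}


def parse_kpasswd(payload: bytes) -> dict:
    """Split a kpasswd UDP payload into its RFC 3244 fields.

    Layout: 16-bit message length (counts itself), 16-bit version,
    16-bit AP-REQ/AP-REP length, the AP data, then KRB-PRIV or KRB-ERROR.
    """
    if len(payload) < 6:
        raise ValueError("shorter than the 6-byte kpasswd header")
    msg_len, version, ap_len = struct.unpack("!HHH", payload[:6])
    if msg_len != len(payload):
        raise ValueError(f"message length {msg_len} != datagram size {len(payload)}")
    if 6 + ap_len > msg_len:
        raise ValueError("AP length runs past the end of the message")
    ap = payload[6:6 + ap_len]
    rest = payload[6 + ap_len:]
    return {
        "message_length": msg_len,
        "version": version,
        "ap_length": ap_len,
        "ap_kind": KRB_TAGS.get(ap[0], "unknown") if ap else None,
        "trailer_kind": KRB_TAGS.get(rest[0], "unknown") if rest else None,
        # Zero-length AP data followed by a KRB-ERROR is a well-formed
        # error reply, not a truncated or corrupt message.
        "is_error_reply": ap_len == 0 and bool(rest) and rest[0] == 0x7E,
    }


def constructed(tag: int, size: int) -> bytes:
    """Constructed stand-in for a Kerberos message: real outer tag, filler body."""
    return bytes([tag]) + b"\x00" * (size - 1)


# Constructed from frame 5: Message Length 543, Version 0x0001, AP length 442.
FRAME5 = struct.pack("!HHH", 543, 1, 442) + constructed(0x6E, 442) + constructed(0x75, 95)
# Constructed from frame 6: Message Length 135, Version 0x0001, AP length 0.
FRAME6 = struct.pack("!HHH", 135, 1, 0) + constructed(0x7E, 129)

if __name__ == "__main__":
    for name, frame in (("frame 5", FRAME5), ("frame 6", FRAME6)):
        info = parse_kpasswd(frame)
        print(name, info["ap_kind"], info["trailer_kind"],
              "error reply" if info["is_error_reply"] else "normal exchange")
```

Run against the real UDP payload of frame 6, the same check tells you whether the bytes after the 6-byte header start with the KRB-ERROR tag; if they do, decoding that KRB-ERROR gives the server's actual failure reason.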