Recent SCO/Linux News

From: Kathryn Barrett <kathrynb@oreilly.com>
Subject: "Kerberos: The Definitive Guide" Released by O'Reilly
Date: Thu, 4 Sep 2003 21:02:13 GMT

"Kerberos: The Definitive Guide" Puts the Network Watchdog On the Prowl

Sebastopol, CA--In Greek mythology, Kerberos (aka Cerberus) was the
hound of Hades--a vicious, three-headed dog with a mane of snakes and
lion's claws that guarded the realm of the underworld. Today, the aptly
named Kerberos authentication system serves a similar post as a
steadfast gatekeeper that bars intruders from your networks. But
Kerberos's reputation for being head-achingly complex is as legendary
as its name, so many a network and system administrator has shied away
from the poorly understood beast. Fear no more! Jason Garman's
"Kerberos: The Definitive Guide" (O'Reilly, US $34.95) shows you how to
unleash the power of this trusty watchdog on networks large and small.

Rest assured, Kerberos has plenty of bite. Originally developed at MIT
and freely available from MIT in source form (it's also commercially
available for those who prefer a professionally supported product),
this ultra-secure, single sign-on, cross-platform system authenticates
clients trying to access network resources and stands guard against
those who attempt to monitor network traffic and intercept passwords.

It's all about convenience and security. With Kerberos, administrators
can centralize authentication into a single server or set of servers.
And one login--just one username and one password--is all an end-user
needs for access to network resources, regardless of platform or
operating system. Kerberos issues "tickets," time-limited cryptographic
messages that prove a user's identity to a given server (and vice
versa) without transmitting passwords over the network or even caching
them on the local user's hard disk. Once a ticket is accepted, clients
and servers are assured of encryption and message integrity for
private, tamper-free communication.

According to author Jason Garman, it is no surprise that Kerberos is
becoming widely adopted in Unix, Linux, and Windows environments alike.
After all, he says, "Kerberos is the only well studied, proven, and
widely supported authentication system available for computer
networks."

And Microsoft apparently agrees. The company has integrated Kerberos
into Windows 2000 and above, reports Garman, "and the release of
Windows Server 2003 further affirms Microsoft's commitment to Kerberos
as its authentication protocol of choice. Microsoft has single-handedly
driven the use of Kerberos into the majority of the operating-system
market that it controls." And in so doing, Microsoft has extended the
reach of Kerberos to even the smallest of networks.

Administrators who have been daunted by the sophistication and
complexity of Kerberos and put off by the lack of helpful documentation
will find the path to implementation much simpler with "Kerberos: The
Definitive Guide." Garman explains what Kerberos is, how it works, and
why it is ideal for any organization looking to establish a robust,
single sign-on infrastructure for its network. This accessible
guide--aimed at intermediate to advanced network and system
administrators who are considering "Kerberizing" their networks--also
features:

-A thorough and detailed discussion of cryptographic authentication
-Everything administrators need to understand and implement a Kerberos
network in either a Unix or a Windows environment
-A comprehensive discussion of the practical issues that are present
when establishing and running your own Kerberos realm
-Advice on setting up applications to use Kerberos authentication and
adding Kerberos to software packages
-Advanced topics like cross-realm authentication, defending against
attacks on Kerberos, and troubleshooting
-A case study and a glimpse into the future of Kerberos

This is an ultimately practical guide to making Kerberos an essential
part of your total network security plan--and making life easier for
both administrators and end users.


Additional Resources:

Chapter 5, "Troubleshooting," is available free online at:
http://www.oreilly.com/catalog/kerberos/chapter/index.html

For more information about the book, including Table of Contents,
index, author bio, and samples, see:
http://www.oreilly.com/catalog/kerberos/

For a cover graphic in JPEG format, go to:
ftp://ftp.ora.com/pub/graphics/book_covers/hi-res/0596004036.jpg

Kerberos: The Definitive Guide
Jason Garman
ISBN 0-596-00403-6, 272 pages, $34.95 US, $54.95 CA, 24.95 UK
order@oreilly.com
1-800-998-9938
1-707-827-7000
http://www.oreilly.com

About O'Reilly
O'Reilly & Associates is the premier information source for
leading-edge computer technologies. The company's books, conferences,
and web sites bring to light the knowledge of technology innovators.
O'Reilly books, known for the animals on their covers, occupy a
treasured place on the shelves of the developers building the next
generation of software. O'Reilly conferences and summits bring alpha
geeks and forward-thinking business leaders together to shape the
revolutionary ideas that spark new industries. From the Internet to
XML, open source, .NET, Java, and web services, O'Reilly puts
technologies on the map. For more information: http://www.oreilly.com

# # #

O'Reilly is a registered trademark of O'Reilly & Associates, Inc. All
other trademarks are property of their respective owners.

Index

Take Control of Upgrading to Snow Leopard

Take Control of Exploring & Customizing Snow Leopard

Jump to Comments

Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.

Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.

We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.