Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Windows 2008 AD: Replay resistant for network access

Posted on 2010-08-20
2
Medium Priority
?
5,093 Views
Last Modified: 2012-05-10
I have a requirement as follows;

The information system uses replay resistant authentication mechanisms for network access to non-privileged and privileged accounts.

    I need the mechanisms and the supporting Microsoft page the validates the replay resistant aspects of Windows 2008.  I know Kerberos is in effect, but you still have a (configurable) window.  I know each user has a SID and each computer has a SID, but is the computer SID used in the process?  I am open to other considerations.
0
Comment
Question by:awakenings
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 

Author Comment

by:awakenings
ID: 33488407
The guidance states;

An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. Techniques used to address this include protocols that use nonces or challenges (e.g., TLS), and time synchronous or challenge-response one-time authenticators.
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 33488587
Kerberos is the default authentication method and you are protected against replay attacks

http://technet.microsoft.com/en-us/library/dd277401.aspx
...Note that since all authenticators must be unique, they are valid one time only. Therefore, Kerberos protects the system from replay attacks.....

Thanks

Mike
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question