Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Bob_M.
Bob_M. Author
User level: Level 2
308 points

What is KRB5KDC

I have 10.5.2 installed on my Mac Pro and have the Firewall set to Specific Services and Applications. Whenever I turn on the Mac Pro, I get a question from the firewall regarding whether to allow incoming connections to KRB5KDC or not. I have clicked both No and Yes and then deleted it from the Firewall Preference pane. I haven't figured out what this service or application is and whether it is legitimate or not.

Though I have all of the same software installed on a Macbook running 10.5.2 with the same settings, it never asks about KRB5KDC.

Does anyone know what this is and whether it is safe (or recommended) to allow it?

As a side note, I sometimes get asked about DNSresponder as well. I allows allow that, but it never shows up in the Firewall preference pane, which means I have to allow it again the next time I start up. Is this normal behavior?

Thaniks

Message was edited by: Bob_M.

Dual 2.66 Mac Pro, Mac OS X (10.5.2), Macbook, 12 inch Powerbook

Posted on Feb 27, 2008 10:30 AM

Reply
Question marked as Best reply
User profile for user: dechamp
dechamp
User level: Level 4
3,495 points

Posted on Mar 2, 2008 5:04 PM

Jeez, more useless links to man pages....

KRB5KDC
Kerberos version 5 Authentication Service and Key Distribution Center

"Kerberos 5 is a trusted third-party authentication system. This script starts and stops the server that Kerberos IV and 5 clients need to connect to in order to obtain credentials."

Layman - It is a normal part of a Unix or Linux installation and is used as a method to authenticate accounts for access to some network services. It doesn't harm you to leave it on in case you need to connect to a server at work.

DNSresponder or mDNSresponder - part of Zeroconf

"Zeroconf or Zero Configuration Networking is a set of techniques that automatically create a usable IP network without configuration or special servers. This allows inexpert users to connect computers, networked printers, and other items together and expect them to work automatically. Without Zeroconf or something similar, a knowledgeable user must either set up special services, like DHCP and DNS, or set up each computer's network settings by hand, which is a tedious task, and is challenging for non-technical people."

Both of these processes you asked about are normal integrated pieces of your OS. They have been around for years. They don't present any known dangers and can actually make your life easier while still maintaining security.
View in context
9 replies
Question marked as Best reply
User profile for user: dechamp
dechamp
User level: Level 4
3,495 points

Mar 2, 2008 5:04 PM in response to Bob_M.

Jeez, more useless links to man pages....

KRB5KDC
Kerberos version 5 Authentication Service and Key Distribution Center

"Kerberos 5 is a trusted third-party authentication system. This script starts and stops the server that Kerberos IV and 5 clients need to connect to in order to obtain credentials."

Layman - It is a normal part of a Unix or Linux installation and is used as a method to authenticate accounts for access to some network services. It doesn't harm you to leave it on in case you need to connect to a server at work.

DNSresponder or mDNSresponder - part of Zeroconf

"Zeroconf or Zero Configuration Networking is a set of techniques that automatically create a usable IP network without configuration or special servers. This allows inexpert users to connect computers, networked printers, and other items together and expect them to work automatically. Without Zeroconf or something similar, a knowledgeable user must either set up special services, like DHCP and DNS, or set up each computer's network settings by hand, which is a tedious task, and is challenging for non-technical people."

Both of these processes you asked about are normal integrated pieces of your OS. They have been around for years. They don't present any known dangers and can actually make your life easier while still maintaining security.
Reply
User profile for user: Michael Keith
Michael Keith
User level: Level 1
5 points

Jul 25, 2008 2:06 AM in response to Bob_M.

so during the night my powerbook hung (it's old and tends to do that occasionally) and i had to poweroff/poweron this morning. sadly nothing too unusual.

but when i logged in to leopard a bunch of weird things happened.. the time/date was reset for example, though i've seen that before, so not too concerned. it had forgotten which wireless network to connect to (and the password). again, not too concerned.

but the firewall popped up allow/deny requests for krbkdc and nmbd. now, i know what these are but why has it suddenly done this? i never seen this happen before and i've been running leopard on it for 6+ months. according to the firewall documentation all apple system programs should be automatically digitally signed so they shouldn't be flagged by the firewall. if a program is modified then it needs to be re-confirmed and it's signature re-generated.

should i be concerned about an exploit? the only update i've done on it since the last reboot was the mobileme support, which i don't think would modify these programs?

or is it just the firewall being wonky? (it does tend to constantly pop up allow/deny requests for some programs, such as simplifymedia which, to my knowledge, is perfectly safe).

cheers.
Reply

What is KRB5KDC

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up