Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Question:

Question: What is KRB5KDC

I have 10.5.2 installed on my Mac Pro and have the Firewall set to Specific Services and Applications. Whenever I turn on the Mac Pro, I get a question from the firewall regarding whether to allow incoming connections to KRB5KDC or not. I have clicked both No and Yes and then deleted it from the Firewall Preference pane. I haven't figured out what this service or application is and whether it is legitimate or not.

Though I have all of the same software installed on a Macbook running 10.5.2 with the same settings, it never asks about KRB5KDC.

Does anyone know what this is and whether it is safe (or recommended) to allow it?

As a side note, I sometimes get asked about DNSresponder as well. I allows allow that, but it never shows up in the Firewall preference pane, which means I have to allow it again the next time I start up. Is this normal behavior?

Thaniks

Message was edited by: Bob_M.

Dual 2.66 Mac Pro, Mac OS X (10.5.2), Macbook, 12 inch Powerbook

Posted on

Reply
Question marked as Solved
Answer:
Answer:
Jeez, more useless links to man pages....

KRB5KDC
Kerberos version 5 Authentication Service and Key Distribution Center

"Kerberos 5 is a trusted third-party authentication system. This script starts and stops the server that Kerberos IV and 5 clients need to connect to in order to obtain credentials."

Layman - It is a normal part of a Unix or Linux installation and is used as a method to authenticate accounts for access to some network services. It doesn't harm you to leave it on in case you need to connect to a server at work.

DNSresponder or mDNSresponder - part of Zeroconf

"Zeroconf or Zero Configuration Networking is a set of techniques that automatically create a usable IP network without configuration or special servers. This allows inexpert users to connect computers, networked printers, and other items together and expect them to work automatically. Without Zeroconf or something similar, a knowledgeable user must either set up special services, like DHCP and DNS, or set up each computer's network settings by hand, which is a tedious task, and is challenging for non-technical people."

Both of these processes you asked about are normal integrated pieces of your OS. They have been around for years. They don't present any known dangers and can actually make your life easier while still maintaining security.

Posted on

There’s more to the conversation

Read all replies

Feb 27, 2008 11:18 AM in response to Templeton Peck In response to Templeton Peck

Actually, I did use google and found that very page already. Unfortunately, I don't use Linux and had no idea what that page was telling me. I was hoping someone else could provide a simple answer in layman's terms.

Thanks.

Feb 27, 2008 11:18 AM

Reply Helpful

Mar 2, 2008 3:46 PM in response to eddy kestemont In response to eddy kestemont

Thank you, that is much simpler to understand than the other page someone linked to earlier. So, I guess if I want my Macbook to be able to connect to my Mac Pro, I have to allow incoming connections, right?

It may not be entirely clear still, but at least I now have some idea what the app is.

Mar 2, 2008 3:46 PM

Reply Helpful
Question marked as Solved

Mar 2, 2008 5:04 PM in response to Bob_M. In response to Bob_M.

Jeez, more useless links to man pages....

KRB5KDC
Kerberos version 5 Authentication Service and Key Distribution Center

"Kerberos 5 is a trusted third-party authentication system. This script starts and stops the server that Kerberos IV and 5 clients need to connect to in order to obtain credentials."

Layman - It is a normal part of a Unix or Linux installation and is used as a method to authenticate accounts for access to some network services. It doesn't harm you to leave it on in case you need to connect to a server at work.

DNSresponder or mDNSresponder - part of Zeroconf

"Zeroconf or Zero Configuration Networking is a set of techniques that automatically create a usable IP network without configuration or special servers. This allows inexpert users to connect computers, networked printers, and other items together and expect them to work automatically. Without Zeroconf or something similar, a knowledgeable user must either set up special services, like DHCP and DNS, or set up each computer's network settings by hand, which is a tedious task, and is challenging for non-technical people."

Both of these processes you asked about are normal integrated pieces of your OS. They have been around for years. They don't present any known dangers and can actually make your life easier while still maintaining security.

Mar 2, 2008 5:04 PM

Reply Helpful

Apr 18, 2008 5:29 PM in response to dechamp In response to dechamp

Thanks much for this response! I was reviewing the posts to try to find out what the heck this was in my log ( krb5kdc is listening from 0.0.0.0:88 uid = 0 proto=6) and came across your post 🙂

I thought this could be something to do with someone trying to hack into my computer.. thanks for the info. Trying to learn 🙂

Apr 18, 2008 5:29 PM

Reply Helpful

Jul 25, 2008 2:06 AM in response to Bob_M. In response to Bob_M.

so during the night my powerbook hung (it's old and tends to do that occasionally) and i had to poweroff/poweron this morning. sadly nothing too unusual.

but when i logged in to leopard a bunch of weird things happened.. the time/date was reset for example, though i've seen that before, so not too concerned. it had forgotten which wireless network to connect to (and the password). again, not too concerned.

but the firewall popped up allow/deny requests for krbkdc and nmbd. now, i know what these are but why has it suddenly done this? i never seen this happen before and i've been running leopard on it for 6+ months. according to the firewall documentation all apple system programs should be automatically digitally signed so they shouldn't be flagged by the firewall. if a program is modified then it needs to be re-confirmed and it's signature re-generated.

should i be concerned about an exploit? the only update i've done on it since the last reboot was the mobileme support, which i don't think would modify these programs?

or is it just the firewall being wonky? (it does tend to constantly pop up allow/deny requests for some programs, such as simplifymedia which, to my knowledge, is perfectly safe).

cheers.

Jul 25, 2008 2:06 AM

Reply Helpful
User profile for user: Bob_M.

Question: What is KRB5KDC