100266 Views 9 Replies Latest reply: Jul 25, 2008 2:06 AM by Michael Keith
Jeez, more useless links to man pages....
Kerberos version 5 Authentication Service and Key Distribution Center
"Kerberos 5 is a trusted third-party authentication system. This script starts and stops the server that Kerberos IV and 5 clients need to connect to in order to obtain credentials."
Layman - It is a normal part of a Unix or Linux installation and is used as a method to authenticate accounts for access to some network services. It doesn't harm you to leave it on in case you need to connect to a server at work.
DNSresponder or mDNSresponder - part of Zeroconf
"Zeroconf or Zero Configuration Networking is a set of techniques that automatically create a usable IP network without configuration or special servers. This allows inexpert users to connect computers, networked printers, and other items together and expect them to work automatically. Without Zeroconf or something similar, a knowledgeable user must either set up special services, like DHCP and DNS, or set up each computer's network settings by hand, which is a tedious task, and is challenging for non-technical people."
Both of these processes you asked about are normal integrated pieces of your OS. They have been around for years. They don't present any known dangers and can actually make your life easier while still maintaining security.
Thanks much for this response! I was reviewing the posts to try to find out what the heck this was in my log ( krb5kdc is listening from 0.0.0.0:88 uid = 0 proto=6) and came across your post
I thought this could be something to do with someone trying to hack into my computer.. thanks for the info. Trying to learn
I know this probably unrelated but just recently telnet from my MAC started acting up. Each time I try to telnet from a Terminal I get the error listed in the following:
so during the night my powerbook hung (it's old and tends to do that occasionally) and i had to poweroff/poweron this morning. sadly nothing too unusual.
but when i logged in to leopard a bunch of weird things happened.. the time/date was reset for example, though i've seen that before, so not too concerned. it had forgotten which wireless network to connect to (and the password). again, not too concerned.
but the firewall popped up allow/deny requests for krbkdc and nmbd. now, i know what these are but why has it suddenly done this? i never seen this happen before and i've been running leopard on it for 6+ months. according to the firewall documentation all apple system programs should be automatically digitally signed so they shouldn't be flagged by the firewall. if a program is modified then it needs to be re-confirmed and it's signature re-generated.
should i be concerned about an exploit? the only update i've done on it since the last reboot was the mobileme support, which i don't think would modify these programs?
or is it just the firewall being wonky? (it does tend to constantly pop up allow/deny requests for some programs, such as simplifymedia which, to my knowledge, is perfectly safe).