Nessus can now use Kerberos for DCOM Authentication Summary...

Connect Contributor

1 year ago

Will this also support Kerberos armoring. AKA FAST?

We use the GPO setting "KDC support for claims, compound authentication for Dynamic Access Control and Kerberos armoring: Fail unarmored authentication requests"

It appears that Nessus Professional is incapable of using compound authentication for Kerberos. This is also knows as Flexible Authentication Secure Tunneling (FAST) for Kerberos

See MS Documentation at https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831747(v=ws.11)

And also https://learn.microsoft.com/en-us/windows/security/identity-protection/credential-guard/additional-mitigations#kerberos-armoring

Can you confirm? If it does not support it, then how do we request this to be supported? This was available from MS back in 2012, over 10 years ago.

Thanks,

Eli

Forum Discussion

Nessus can now use Kerberos for DCOM Authentication Summary...

Recent Discussions

VMware Integration vSphere 9.0 Compatibility

Improvement to Printer OS Fingerprinting

NuGet Package Enumeration Updates

Cisco Meraki API Host Guidance

Delinea Platform Authentication Support

Americas

Europe

Asia / Australia