Gerald, any plans for a new relese soon?
I would like to wait until after the next release to checkin my updated
kerberos and new packet-ber.c dissector so
it gets time to cook before let loose on the unsuspecting general public.
Those changes to packet-kerberos.c will hopefully make it "easier" to start
opening up and dissecting the encrypted blobs in
kerberos PDUs.
As a test/reference/practice exercise i generated the krb5telnet + keytab
files and uploaded them to the mailing list yesterday as
a test keytab+kerberos combination. the keytab file should contain the
secret key for the host/ service of the telnet server and should be useful
as a test example. when we can open kerberos blobs by reading keytab files
into ethereal, feel free to put both capture and keytab file on website as
reference for those adventurous. the hosts where the keytabs came from have
been permanently destroyed.
IF we can get keytab+ethereal working reasonably well it will allow
us/others to start looking at krb5 encrypted protocols
such as most of the (few) unknown dcerpc interfaces for AD that still has
not been reverse engineered yet.
and we will all be winners.