Marc Horowitz says:
Kerberos per se isn't sufficient to defend against session hijacking attacks, you know. The situation in question is really insidious and requires packet-by-packet cryptographic authentication.
No, but Kerberos or something like it is necessary.
Well, sort of. A key management system that operates sort of like Kerberos' is necessary. However, that's really far from sufficient. Most Kerberized protocols authenticate only at the beginning of the session -- very very hijackable.
And I think I can safely say that anything which really defends against TCP sequence spoofing or hijacking attacks will be more invasive and require more effort than Kerberos, not less.
Oh, hardly the case -- in fact in the architecture of the system I'm developing things are actually slightly easier than in the Kerberos situation. Invasive I'll agree with -- encrypted/authenticated IP requires kernel mods. However, they can be made fairly painless. I'll point out, by the way, that one of the major problems with Kerberos is just bad documentation and difficult build tools.

Perry