Rob Deker <deker@digex.net> writes:

> There is also now an exploit for krb4 floating around that is HIGHLY
> effective in cracking the passwds in a v4 database.

If this is the attack that I'm thinking of, then yes it is more
effective against version 4 (appart from the bug, that in most cases
didn't have any security impact), but certainly not impossible with
version 5.

There are of course other reasons to use Kerberos 5, but for now this
really isn't an option for people outside of the U.S (at least in
theory).

/Johan