George Boyce says: > > Of course, the real answer is to kerberize all access to your machine, but. .. > > Unless your kerberos server is also a victim. :-( Kerberos servers should, as a matter of principle, be running nothing but kerberos. Any kerberos server that depends on other network servers to function has been horribly misdesigned. (I have on several occassions run NTP servers as well on Kerberos servers, but thats an unusual exception.)