Kerberos - 88

Replay attacks on authentication tokens.

Ticket forgery if encryption is weak.

Privilege escalation via stolen service tickets or keys.

Use short ticket lifetimes and renew tickets frequently.

Enforce strong encryption algorithms (e.g., AES).

Monitor ticket-granting ticket (TGT) requests and unusual activity.

Unexpected TGT requests or renewals.

Abnormal service ticket usage.

Failed Kerberos authentications in logs.