02 January, 2011

Kerberos Double Hop - Basics

NTLM
NT LAN Manager
Authentication Protocol
Windows Challenge/Response
NTLM is Used when Kerberos Authentication fails or when you try to access resource using the IP address

Kerberos
Authentication Protocol
Uses "Tickets" for Authentication
Prefered Protocol in Windows 2000 onwards Operating Systems
Used by default and when you access resource using the NetBIOS/FQDN Name

Kerberos is considered as more secure then NTLM

Reason: There are NULL sessions in NTLM where as Kerberos does not have any NULL sessions

Example: