

Kerberos Double Hop - Basics

NTLM
NT LAN Manager
Authentication Protocol
Windows Challenge/Response
NTLM is used when Kerberos authentication fails or when you access a resource using its IP address

Kerberos
Authentication Protocol
Uses "Tickets" for Authentication
Preferred protocol in Windows 2000 and later operating systems
Used by default and when you access a resource using its NetBIOS/FQDN name


Kerberos is considered more secure than NTLM

Reason: NTLM allows NULL sessions, whereas Kerberos does not have any NULL sessions

Example:

 

http://1.bp.blogspot.com/_pL7qVUWvLsU/TSDMqscbA1I/AAAAAAAABoo/4qUS86g4rSA/s640/NTLM.PNG

http://2.bp.blogspot.com/_pL7qVUWvLsU/TSDMrCrSqCI/AAAAAAAABos/8Lsbly_yRTQ/s640/Kerberos.PNG
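
To check which protocol a logon actually used (for instance after reaching a server by IP address versus by name), read the AuthenticationPackageName field of Security event 4624 on the target server. The script below is an added example, not part of the original post; the event XML is constructed sample data and `Get-LogonAuthPackage` is a hypothetical helper name.

```powershell
# Constructed sample data: two trimmed Security-log 4624 (logon) events in the
# XML form returned by ToXml(). Users and addresses are made up.
$sampleEvents = @(
@'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <EventData>
    <Data Name="TargetUserName">alice</Data>
    <Data Name="LogonType">3</Data>
    <Data Name="AuthenticationPackageName">NTLM</Data>
    <Data Name="LmPackageName">NTLM V2</Data>
    <Data Name="IpAddress">10.0.0.15</Data>
  </EventData>
</Event>
'@,
@'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <EventData>
    <Data Name="TargetUserName">bob</Data>
    <Data Name="LogonType">3</Data>
    <Data Name="AuthenticationPackageName">Kerberos</Data>
    <Data Name="LmPackageName">-</Data>
    <Data Name="IpAddress">10.0.0.16</Data>
  </EventData>
</Event>
'@
)

# Hypothetical helper (the name is an assumption): turns 4624 event XML into
# one row per logon and flags the logons that were authenticated with NTLM.
function Get-LogonAuthPackage {
    param([Parameter(Mandatory)][string[]]$EventXml)
    foreach ($raw in $EventXml) {
        $fields = @{}
        foreach ($d in ([xml]$raw).Event.EventData.Data) {
            $fields[$d.GetAttribute('Name')] = $d.InnerText
        }
        [pscustomobject]@{
            User        = $fields['TargetUserName']
            LogonType   = $fields['LogonType']      # 3 = network logon
            Package     = $fields['AuthenticationPackageName']
            NtlmVersion = $fields['LmPackageName']  # "-" for Kerberos logons
            SourceIp    = $fields['IpAddress']
            UsedNtlm    = $fields['AuthenticationPackageName'] -eq 'NTLM'
        }
    }
}

Get-LogonAuthPackage -EventXml $sampleEvents | Format-Table -AutoSize
# Against the live log (elevated prompt), pass in:
# Get-WinEvent -FilterHashtable @{LogName='Security';Id=4624} -MaxEvents 200 | ForEach-Object { $_.ToXml() }
```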