NTLMSSP
NTLMSSP is a binary messaging protocol used by the Microsoft Security Support Provider Interface (SSPI) to facilitate NTLM challenge-response authentication and to negotiate integrity and confidentiality options. NTLMSSP is used wherever SSPI authentication is used, including, but not limited to, Server Message Block/CIFS extended security authentication, HTTP Negotiate authentication (e.g. IIS with IWA turned on) and MSRPC services.
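
The following sketch is an added example, not part of the original article: it decodes an NTLMSSP message taken from an HTTP authentication header and reports whether integrity (signing) and confidentiality (sealing) were requested. The field offsets and flag values are taken from Microsoft's MS-NLMP specification, not from this page; the function names and the sample message are constructed for illustration.

```python
import base64
import struct

SIGNATURE = b"NTLMSSP\x00"
MESSAGE_TYPES = {1: "NEGOTIATE", 2: "CHALLENGE", 3: "AUTHENTICATE"}
# Offset of the 32-bit NegotiateFlags field in each message type (MS-NLMP layout).
FLAGS_OFFSET = {1: 12, 2: 20, 3: 60}
FLAG_NAMES = {
    0x00000010: "SIGN",                      # integrity requested
    0x00000020: "SEAL",                      # confidentiality requested
    0x00008000: "ALWAYS_SIGN",
    0x00080000: "EXTENDED_SESSIONSECURITY",
    0x20000000: "128",
    0x40000000: "KEY_EXCH",
    0x80000000: "56",
}

def parse_ntlmssp(token: bytes) -> dict:
    """Return message type and negotiated options of one NTLMSSP message."""
    if len(token) < 12 or token[:8] != SIGNATURE:
        raise ValueError("not an NTLMSSP message (SPNEGO-wrapped or other token)")
    (msg_type,) = struct.unpack_from("<I", token, 8)
    if msg_type not in MESSAGE_TYPES:
        raise ValueError(f"unknown NTLMSSP message type {msg_type}")
    offset = FLAGS_OFFSET[msg_type]
    if len(token) < offset + 4:
        raise ValueError("truncated NTLMSSP message")
    (flags,) = struct.unpack_from("<I", token, offset)
    info = {
        "type": MESSAGE_TYPES[msg_type],
        "flags": [name for bit, name in FLAG_NAMES.items() if flags & bit],
        "integrity": bool(flags & 0x10),
        "confidentiality": bool(flags & 0x20),
    }
    if msg_type == 2 and len(token) >= 32:
        info["server_challenge"] = token[24:32].hex()  # 8-byte nonce
    return info

def parse_http_auth(header_value: str) -> dict:
    """Parse the value of an HTTP Authorization / WWW-Authenticate header."""
    scheme, _, blob = header_value.strip().partition(" ")
    if scheme not in ("NTLM", "Negotiate") or not blob:
        raise ValueError("no NTLM or Negotiate token in header")
    return parse_ntlmssp(base64.b64decode(blob, validate=True))

# Constructed sample: NEGOTIATE message asking for signing and sealing.
SAMPLE_NEGOTIATE = SIGNATURE + struct.pack("<II", 1, 0x00088237) + bytes(16)

if __name__ == "__main__":
    header = "NTLM " + base64.b64encode(SAMPLE_NEGOTIATE).decode()
    print(parse_http_auth(header))
```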

The Windows Service offering the acceptor side of NTLMSSP has been removed from Windows Vista and Windows Server 2008 in favor of the newer Kerberos authentication protocol.

The NTLMSSP and NTLM challenge-response protocol have been fairly well documented in Microsoft's Open Protocol Specification.