- Terminal Access Controller Access Control System Plus
- a proprietary protocol developed by Cisco to support AAA in a network with many routers and switches
- uses TCP port 49 by default
- separates authorization, authentication, and accounting into different parts
- uses PAP, CHAP, MD5 hashes, and Kerberos to authenticate
Kerberos
- an authentication protocol that has no connection to PPP
- used for TCP/IP networks with many clients all connected to a single authenticating server
- Key Distribution Center (KDC)
- Authentication Server (AS)
- Ticket Granting Service (TGS)
- installed on the domain controller
- the client sends a request that includes a hash of the user name and password to the AS
- the AS compares the results