netlogon&&nt lm ssp

Netlogon

　　Maintains a secure channel between your computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services and the domain controller cannot register DNS records. If this service is disabled, any services that explicitly depend on it will fail to start.

NTLM

　　In a Windows network, NTLM (NT LAN Manager) is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users.NTLM is the successor to the authentication protocol in Microsoft LAN Manager(LANMAN), an older Microsoft product, and attempts to provide backwards compatibility with LANMAN. NTLM version 2 (NTLMv2), which was introduced in Windows NT 4.0 SP4 (and natively supported in Windows 2000), enhances NTLM security by hardening the protocol against many spoofing attacks, and adding the ability for a server to authenticate to the client.

　　NTLM is still widely used in situations where a domain controller is not available or is unreachable. For example, NTLM would be used if a client is not Kerberos capable, the server is not joined to a domain, or the user is remotely authenticating over the web.

NTLM Security Support Provider

　　NTLM SSP is based on Microsoft Windows NT® LAN Manager challenge/response and NTLM version 2 authentication protocols used on networks running versions of Windows NT operating system or Windows CE servers. The protocol is implemented through SSPI, which provides the functions for enumerating the providers available on a system, selecting one of the functions, and using it to obtain an authenticated connection. The registry controls the authentication protocol to use.

　　不是很懂，也许是知识积累太少。