#Kerberos - [**Named Pipe**](https://docs.microsoft.com/en-us/windows/win32/ipc/named-pipes)**:** A way that processes communicate with each other via SMB (TCP 445). Operates on Layer 5 of the OSI model. A named pipe can listen for requests Similar to how a port can listen for connections. - [Access Token](https://learn.microsoft.com/en-us/windows/win32/secauthz/access-tokens): An _access token_ is an object that describes the _security context_ of a _process_ or thread. The information in a token includes the identity and privileges of the user account associated with the process or thread. When a user logs on, the system verifies the user’s password by comparing it with information stored in a security database. When a user’s credentials are _authenticated_, the system produces an access token. Every process executed on behalf of this user has a copy of this access token. In another way, it contains your identity and states what you can and can’t use on the system. Access tokens reference logon sessions which is what’s created when a user logs into Windows. - **Network Logon (Type 3):** Network logons occur when an account authenticates to a remote system/service. During network authentication, reusable credentials are not sent to the remote system. As such, when a user logs into a remote system via a network logon, the user’s credentials will not be present on the remote system to perform further authentication. This brings in the [**double-hop**](https://techcommunity.microsoft.com/blog/askds/understanding-kerberos-double-hop/395463) problem, meaning if we have a one-liner that connects to one target via Network logon, then also reaches out via SMB, no credentials are present to login over SMB, therefore login fails.