Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

AW: Changing local admin PW using vb logon script - can it be encrypted?

from [Info] Network Security [Permanent Link]
Subject: AW: Changing local admin PW using vb logon script - can it be encrypted?
Date: Thu, 1 Dec 2005 18:32:06 +0100 
Hi Tom,
3 possible options out of the mind:

- Use GPO setting for a default admin pwd => Hashed PW will be transmitted by 
applying the pw (not really save, but better than
cleartext)
- Use SMB-Signing  for Client/Server requests/replies => secured transmission 
of logon events (cleartext, but secured in a signed
transport layer)
- Use IPSec for network traffic => best solution ever for secure transmission 
of IP-Traffic but most efforts for rollout & running
an enviroment

Hope it helped ;)

Andreas Habedank
----------------
HBDK.DE - IT-Security Management & Consulting - Ledersberg 3 - D-83727 
Schliersee
Mile2.com CPTS Instructor / CEH / MCSE / RSA SecurID SE

-----Ursprüngliche Nachricht-----
Von: tth8@cornell.edu [mailto:tth8@cornell.edu] 
Gesendet: Donnerstag, 1. Dezember 2005 18:03
An: focus-ms@securityfocus.com
Betreff: Changing local admin PW using vb logon script - can it be encrypted?

Hi all,

Long time lurker, first time poster.  We have roughly 500 computers that we?d 
like to change the local admin passwords on.  We
realize the security risks of having 1 password on all of our computers and are 
willing to assume that risk.  We?ve developed a VB
script that we can implement as a logon script that works perfectly to change 
the password.  We do not want this script sent along
as clear text if we can avoid it.  Is there any way we can encrypt this script? 
 

We?ve looked at options such as using Windows permissions to either deny Domain 
Users access (preventing anyone from reading the
script) or allowing only Domain Computers Read Only access?however I think that 
if you are logged into a local computer you should
be able to read the script.  Not to mention, if you could capture the packets, 
you could easily find the script and its contents so
permissions would matter at all in that scenario.  

Any help and/or insight is greatly appreciated.

Best,
?tom

---------------------------------------------------------------------------
---------------------------------------------------------------------------



---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Prohibiting Index Server does not prevent information leakage in IIS 6.0, Laura A. Robinson
Next by Date:  RE: Changing local admin PW using vb logon script - can it be enc rypted?, Finley, Francis
Previous by Thread:  Changing local admin PW using vb logon script - can it be encrypted?, tth8
Next by Thread:  Re: Changing local admin PW using vb logon script - can it be encrypted?, Thor (Hammer of God)
Indexes:  [Date] [Thread] [Top] [All Lists]