Password Script

  • Thread starter Thread starter Nicholas Edivan
  • Start date Start date
N

Nicholas Edivan

Situation:

Running a VBS password script locally on a workstation (script has password) that would change a remote local admin server password. All units are within AD.

Question:

Wouldn't that type of traffic be able to be sniffed?
 
What does the script use: ADSI, LDAP, invokes comamnd line tools, etc? Can
you post the script?

--
---
HTH,
Dobromir

Learn more about Security and Identity Management:
Visit http://www.iamechanics.com

"Nicholas Edivan" wrote in message
news:480F5750.5542.00AD.0@nospam.gov...
Situation:

Running a VBS password script locally on a workstation (script has password)
that would change a remote local admin server password. All units are within
AD.

Question:

Wouldn't that type of traffic be able to be sniffed?
 
Most likely yes, it could be sniffed, but it depends, such as
on whether the network is switched, on which net segments
are traversed, whether IPsec is in use to encrypt the traffic,
on what technologies are used by the script, etc..

"Nicholas Edivan" wrote in message
news:480F5750.5542.00AD.0@nospam.gov...
Situation:

Running a VBS password script locally on a workstation (script has password)
that would change a remote local admin server password. All units are within
AD.

Question:

Wouldn't that type of traffic be able to be sniffed?


--------------------------------------------------------------------------------


Situation:

Running a VBS password script locally on a workstation (script has password)
that would change a remote local admin server password. All units are within
AD.

Question:

Wouldn't that type of traffic be able to be sniffed?
 
There are 15 segments all running IPsec. The script is launched from a local workstation that is not part of the 15 segments. Created by OnScript Editor the script is as such: Creates a random complex password, LDAP server lookup, authenticates with Domain Admin to one server, changes password and moves on to the next server.

Since IPsec is running I believe the traffic will be able to be sniffed but not deciphered. Any thoughts...
 
So is this workstation running IPSec or not? If it's not, it will either run plain text traffic to the server (if the server is set for the IPSec Server Request Security mode), or unable to connect to the server (if the server is running IPSec Server Require Security Mode).

--
---
HTH,
Dobromir

Learn more about Security and Identity Management:
Visit http://www.iamechanics.com

"Nicholas Edivan" wrote in message news:48119FAA.5542.00AD.0@nospam.gov...
There are 15 segments all running IPsec. The script is launched from a local workstation that is not part of the 15 segments. Created by OnScript Editor the script is as such: Creates a random complex password, LDAP server lookup, authenticates with Domain Admin to one server, changes password and moves on to the next server.

Since IPsec is running I believe the traffic will be able to be sniffed but not deciphered. Any thoughts...
 
In which case - provided that they are able to successfully negotitate an IPSec policy (which you can test by means of a single ping between them) - they WILL protect (authenticate peer identity, authenticate data integrity, and encyrpt) all traffic between them, regardless of whether your script, or any other application was running on the workstation.

IPSec is a security layer of abstraction which works along with IP. Upper layer protocols - including TCP/UDP and all the apps on top of them - use this transparent layer of abstraction without any specific configuration.

--
---
HTH,
Dobromir

Learn more about Security and Identity Management:
Visit http://www.iamechanics.com

"Nicholas Edivan" wrote in message news:4816F0B5.5542.00AD.0@nospam.gov...
The workstation and server are both running IPSec: Required Mode
 
Back
Top