Security

[Guest]

Guys I have a problem in my work, witch is distressing me.
I am a domain admin with aprox. 300 workstations.
The problem is every time i change the local admin password on all PCs,
somehow the new password is known by people that shouldn’t have this
information.

Iam using a script to change all local admin passwords, but I guess the
password is available to anyone using some software or hardware in the middle
to capture and analyze the TCP/IP packets.

My questions are:
If I use the computer management do connect to the remote PC and from there
change the admin password, would the password be ‘visible’ to some one in the
middle?

What would be the most safe way to change the local admin password on all
workstations without using IPSec?


Tanks

 

[David H. Lipman]

From: "Paul Picard" <[email protected]>

| Guys I have a problem in my work, witch is distressing me.
| I am a domain admin with aprox. 300 workstations.
| The problem is every time i change the local admin password on all PCs,
| somehow the new password is known by people that shouldn’t have this
| information.
|
| Iam using a script to change all local admin passwords, but I guess the
| password is available to anyone using some software or hardware in the middle
| to capture and analyze the TCP/IP packets.
|
| My questions are:
| If I use the computer management do connect to the remote PC and from there
| change the admin password, would the password be ‘visible’ to some one in the
| middle?
|
| What would be the most safe way to change the local admin password on all
| workstations without using IPSec?
|
| Tanks

I doubt they are sniffering for the password. They are READING the script !

You should use software that changes the admin. password that enrypts the password..
Otherwise visit each and every PC and do it manually.

 

[Guest]

From: "Paul Picard" <[email protected]>

| Guys I have a problem in my work, witch is distressing me.
| I am a domain admin with aprox. 300 workstations.
| The problem is every time i change the local admin password on all PCs,
| somehow the new password is known by people that shouldn’t have this
| information.
|
| Iam using a script to change all local admin passwords, but I guess the
| password is available to anyone using some software or hardware in the middle
| to capture and analyze the TCP/IP packets.
|
| My questions are:
| If I use the computer management do connect to the remote PC and from there
| change the admin password, would the password be ‘visible’ to some one in the
| middle?
|
| What would be the most safe way to change the local admin password on all
| workstations without using IPSec?
|
| Tanks

I doubt they are sniffering for the password. They are READING the script !

You should use software that changes the admin. password that enrypts the password..
Otherwise visit each and every PC and do it manually.

Yes, i too have reasons to believe they are reading the script.
Still i run it from one DC, so this vbs file is not on every PC, but only in
the domain controller.

Do you know a name of a good software for make this possible?

Tks.

 

[David H. Lipman]

From: "Paul Picard" <[email protected]>


| Yes, i too have reasons to believe they are reading the script.
| Still i run it from one DC, so this vbs file is not on every PC, but only in
| the domain controller.
|
| Do you know a name of a good software for make this possible?
|
| Tks.

No. Sorry :-(