jt.exe password transmission

  • Thread starter Thread starter mocity
  • Start date Start date
M

mocity

Hi, I am trying to use the jt.exe to schedule tasks on
remote 2000 and NT machines. When I specify on the
command-line a login and passowrd that the remote task
should run with,
is that password transmitted as clear text or is it encrypted?
thanks.
 
It probably is not encrypted. You could something like Ethereal to capture the packet
exchange sequence to see for sure. For W2K/XP Pro/W2003 computers, ipsec can be used
to encrypt network traffic. A computer with a require ipsec policy will require all
traffic defined in the filter rules to be encrypted. If you try ipsec in a domain,
controllers must be exempted by their static IP addresses from ipsec policies with
permit rules. Otherwise domain authentication can fail. --- Steve

http://www.microsoft.com/windows2000/techinfo/planning/security/ipsecsteps.asp
http://support.microsoft.com/?kbid=254949
 
Thanks. do the AT command and the schtak command also not
encrypt passwords across the network?
 
I am not sure about schwa but I believe that if you use AT to schedule a task on a
remote computer that password hashes are used to authenticate you as an administrator
on the target computer before that task is scheduled on the remote computer. AT
itself runs in system context. For a test I used AT to schedule a task on a remote
computer on my network and had auditing of logon events enabled on that remote
computer. The AT command worked and the remote computer recorded a logon event for me
in it's security log at the time matching using the AT command meaning that
authentication of at least ntlm was used. -- Steve
 
Back
Top