RE: At.exe Service Account - scripted or registry?
From: ATarasul@SpencerStuart.com
Date: 01/28/03
- Previous message: Kriss Warner: "RE: Win2k log management"
- Maybe in reply to: ATarasul@SpencerStuart.com: "At.exe Service Account - scripted or registry?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 28 Jan 2003 10:47:52 -0600 From: <ATarasul@SpencerStuart.com> To: <focus-ms@securityfocus.com>
Additional information on the topic:
Using RegMon it look like the values are stored into
HKLM\SECURITY\Policy\Secrets\SANSC\(Default).
-----Original Message-----
From: Tarasul, Alexander
Sent: Friday, January 24, 2003 12:36 PM
To: focus-ms@securityfocus.com
Subject: At.exe Service Account - scripted or registry?
There is a trick to set "AT Service Account" to existing account , but
wrong dummy password - front end validation validate only account name.
In this case jobs scheduled with "at" - assuming attacker managed to run
at - will not be able to execute. Any idea how to do this in script or
by writing to registry to distribute through template/policy?
Thanks
Alexander
Microsoft How-to is:
Open Control Panel and double-click Scheduled Tasks.
In the Scheduled Tasks window, open the Advanced menu and then choose AT
Service Account.
Click This Account and specify a particular user and password. Click OK.
- Next message: Raoul Armfield: "RE: Win2k log management"
- Previous message: Kriss Warner: "RE: Win2k log management"
- Maybe in reply to: ATarasul@SpencerStuart.com: "At.exe Service Account - scripted or registry?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
