Re: network traffic encryption???

From: Steven Umbach (n9rou_at_n0spam-comcast.net)
Date: 06/29/04

• Next message: sancho: "Re: deploying paches"
• Previous message: Keith: "network traffic encryption???"
• In reply to: Keith: "network traffic encryption???"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 29 Jun 2004 03:58:52 GMT

No it is not. User authentication however in a default installation never allows
passwords to be sent over the network in clear text but a encrypted password
hash is used instead in a challenge/reponse session . Replication traffic
between W2K domain controllers is always encrypted per the kerberos protocol
which is one reason AD integrated dns zones are recommended. W2K introduced
ipsec which allows traffic to be encrypted between W2K member servers and member
servers [but not domain controllers]. The three default ipsec policies which can
be modified to your needs are client/respond, server/request, and
server/require. A computer with a require ipsec policy will not communicate with
any computer unless traffic can be secured via ipsec with a combination of
either ESP and/or AH which can use DES, 3DES, SHA1, or MD5. See the link below
for more information on ipsec. A security association will use the strongest
encryption that can be negotiated between the computers which would be 3DES/SHA1
in a default W2K installation. --- Steve

http://www.microsoft.com/windows2000/techinfo/planning/security/ipsecsteps.asp
http://www.microsoft.com/windows2000/techinfo/howitworks/security/ip_security.asp

"Keith" <ms2331@yahoo.com> wrote in message
news:O1qPl6XXEHA.2408@tk2msftngp13.phx.gbl...
> Does anyone know whether the network traffic between Windows 2000 client and
> server is encrypted? If so, what kind of encryption is being used?
>
>

• Next message: sancho: "Re: deploying paches"
• Previous message: Keith: "network traffic encryption???"
• In reply to: Keith: "network traffic encryption???"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: ipsec and encryption in mixed environment ... computer is accessing a server with the request policy. ... ipsec encryption does incur overhead in performance. ... > We use windows 2000 servers but our desktops are mixed ... (microsoft.public.win2000.security) Re: Encrypting remote files with EFS ... >They really don't have trusted for delegation. ... >local EFS credentials as the domain user. ... >If you really want to disable EFS on the file servers use a Group Policy ... remote encryption is not enabled by default. ... (Focus-Microsoft) RE: Encrypting remote files with EFS ... Encrypting remote files with EFS ... My suspicion would be that the files on the suspect servers are not ... remote encryption is not enabled by default. ... (Focus-Microsoft) Re: Encrypting remote files with EFS ... If you need something "Cost Comparable" to EFS (i.e. if you chose EFS ... file servers. ... remote encryption is not enabled by default. ... (Focus-Microsoft) Re: Encrypting remote files with EFS ... My suspicion would be that the files on the suspect servers are not actually ... Encrypting remote files with EFS ... remote encryption is not enabled by default. ... (Focus-Microsoft)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint