Strange question I can’t quite seem to find the answer to. My friend and I at work often shoot each other messages using the net send command, but I wonder… is this effectively point to point communication, or does our server possibly intercept and store all these messages?
The messages are definitely stored on the sending and the receiving computers’ event logs. They are source types of Application Popup, and event type of 26.
I didn’t see any of those messages stored on the server I checked, but it’s possible that the Win2K server I logged into wasn’t my local authenticating server. It was the nearest, though.
Really?? My coworker and I use “net send” all the time to bitch covertly. (I love DOS, it reminds me of my youth) We’re not allowed to download those messenger type programs. ARGH, I guess we need to be more careful.
No, these messages are point to point and do not require a server or domain in order to work. As long as you can be authenticated on the other workstation, you can send the message. If you are logged into a domain, there would be a credential check when you do the net send, similar to if you mapped a drive to your friend’s computer it would check your token to see if you were authorized for that operation.
Depending on policy settings the message may be logged in the individual workstation but it cannot be tracked on any server. The only way for a network admin to see such activity would be to actively look for it in the network traffic (not gonna happen).
Pretty good news, thanks!
There is no authentication required. You can send a message to any NT-based machine running the Messenger service. Spammers take advantage of this all the time. Microsoft recommends using a firewall and/or disabling the Messenger service to prevent being spammed.