Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: About default sharing folders in Windows

From: "dave" <dave () netmedic net>
Date: Tue, 3 Jun 2003 01:01:00 -0400
It is best to "disable" the built in administrator account.

Dave


 
_____________________
Dave Kleiman
dave () netmedic net
www.netmedic.net

 

-----Original Message-----
From: David Gillett [mailto:gillettdavid () fhda edu] 
Sent: Monday, June 02, 2003 17:38
To: security-basics () securityfocus com
Subject: RE: About default sharing folders in Windows


I strongly suggest renaming the local Administrator and Guest account 
to something that is not easily guessed at.  In addition, you should 
probably create "dummy" accounts named "Administrator" and "Guest" 
that have no rights/no group memberships and are disabled.  Monitor 
the dummy accounts closely for log in attempts.


  Note that there's no point to this unless you *also* disable the ability
to enumerate accounts over a null connection.  The renamed Administrator
account will be trivial to spot by its ID otherwise.

David Gillett



---------------------------------------------------------------------------
----------------------------------------------------------------------------





---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: