Full Disclosure mailing list archives

RE: [lists] Terminal Server vulnerabilities

From: "ALD, Aditya, Aditya Lalit Deshmukh" <aditya.deshmukh () online gateway expertworks net>
Date: Thu, 27 Jan 2005 14:32:01 +0530

Of course, one of the very first things you should do on a Windows box 
is rename the administrator account, so this kind of blind 
brute-forcing is not possible.


There are ways to find out the usernames that are admin they begin with 500_
( do a Google search if you want )

Any script kiddy worth his salt will tell u this... So this one is off
because renaming admin account will only be security thru obscurity witch is
not good for the internet...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Terminal Server vulnerabilities Daniel Sichel (Jan 24)
- RE: [lists] Terminal Server vulnerabilities Curt Purdy (Jan 25)
  - Re: [lists] Terminal Server vulnerabilities Steve Tornio (Jan 25)
    - RE: [lists] Terminal Server vulnerabilities ALD, Aditya, Aditya Lalit Deshmukh (Jan 27)
    - Re: [lists] Terminal Server vulnerabilities Jan Muenther (Jan 27)
    - RE: [lists] Terminal Server vulnerabilities ALD, Aditya, Aditya Lalit Deshmukh (Jan 27)
    - Re: [lists] Terminal Server vulnerabilities Jan Muenther (Jan 27)
  - Re: [lists] Terminal Server vulnerabilities Jonathan Rickman (Jan 26)
- Re: Terminal Server vulnerabilities Nicolas RUFF (lists) (Jan 27)
  - Re: Terminal Server vulnerabilities Valdis . Kletnieks (Jan 27)
- <Possible follow-ups>
- Re: Terminal Server vulnerabilities Daniel H. Renner (Jan 24)
  - RE: Re: Terminal Server vulnerabilities Larry Seltzer (Jan 25)
  - Re: Terminal Server vulnerabilities offtopic (Jan 25)
- RE: Re: Terminal Server vulnerabilities Mark Senior (Jan 25)

(Thread continues...)