Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [lists] Terminal Server vulnerabilities

From: Jan Muenther <jan.muenther () nruns com>
Date: Thu, 27 Jan 2005 17:18:14 +0100
There are ways to find out the usernames that are admin they begin with 500_
( do a Google search if you want )

Any script kiddy worth his salt will tell u this... So this one is off
because renaming admin account will only be security thru obscurity witch is
not good for the internet...


It's also only possible when you've got NetBIOS/CIFS open to the Internet, 
which is something even worse on the Internet. Even though the SID/RID of the
administrator can be determined remotely under these conditions, I'd
still recommend the renaming of the account as a standard hardening procedure. 

And fwiw, the fact that a security safeguard can be overcome is not a reason to
completely disregard it. With this argumentation, you could sell your firewalls.

Cheers, j.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: