Greetings, Linda Walsh! > Andrey Repin wrote: >> Obscurity has no relation to security. >> Oh, and these both are disabled on my systems. >> >>> If you read windows 'rules', you'd know that... (so many rules >>> to read...really hard for someone to keep up)... >> >> There's no such rules as "rename default accounts". >> It makes no sense and bears no reason. > --- > Security best practices :
> See "https://technet.microsoft.com/en-us/library/cc747353%28v=ws.10%29.aspx" > and "https://technet.microsoft.com/en-us/library/jj852273.aspx" Bullshit. Both of them. You may "guess this user name and password combination" of a disabled account to your heart's content. It'll won't do square shit. The only times where you use the default administrator account is when you run domain recovery script from recovery console. And recovery console does not use the account name, neither check for status. It only ask for password. Solution: Ban default accounts and let attackers try their luck. @Greg Freemyer: An "army in the world" does not have passwords and firewalls. That's the only reason they are trying to rely on obscurity. Doesn't quite work, as attacker could just carpet bomb the target positions. -- With best regards, Andrey Repin Friday, September 25, 2015 11:14:20 Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple