I just checked this out with the MS security guys. The administrator
account CAN be protected (i.e. made part of NT's account locking policy
scheme) by using the PASSPROP utility from the NT Resource Kit.
Of course that means you have to purchase the NT Resource Kit...
Alternatively, if you REALLY consider this an issue, simply disable the
Administrator account and use another one for admin tasks - as many do
anyway. A practice used even under VMS, where the SYSTEM account is usually
disabled on most secure systems.
BTW - in investigating this, I turned up what may be a related security
issue with NT. Shouldn't affect its use as a firewall though.
Brian Steele
> -----Original Message-----
> From: Markus D�hr [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, June 09, 1999 7:17 AM
> To: 'Brian Steele'; [EMAIL PROTECTED]
> Subject: RE: Why not NT?
> Importance: High
>
>
> > Care to elaborate on this "buggy and insecure" RPC thingy?
> >
> > I thought the security problems with RPC were hotfixed ages ago.
>
> try a
>
> net use \\servername\ipc$ "" /user:""
>
> and you'll get a NULL-connect to your server.
>
> Then use NAT.EXE to guess passwords.
>
> This will work on NT 4.0 SP4. Because the administrator account never gets
> locked due to wrong logons, you can go on and on and on...
>
> Just one of them...
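
Added example, not part of the original thread: a small detector for the condition discussed above, where an account keeps collecting failed logons without ever being locked out. The log line format, host names and thresholds are constructed for illustration; event IDs 529 (bad password) and 539 (logon refused, account locked out) are assumed to be the ones written to the NT security log when logon auditing is enabled.

```python
from collections import defaultdict
from datetime import datetime, timedelta

BAD_PASSWORD = "529"   # assumed: logon failure, unknown user name or bad password
LOCKED_OUT = "539"     # assumed: logon failure, account locked out

# Constructed sample records: "<timestamp> <event id> <account> <workstation>"
SAMPLE = (
    # 8 failures against Administrator, no lockout ever recorded
    [f"1999-06-09T07:00:{s:02d} 529 Administrator WKS17" for s in range(0, 40, 5)]
    # 5 failures against an ordinary account, then the lockout policy kicks in
    + [f"1999-06-09T07:01:{s:02d} 529 jsmith WKS17" for s in range(0, 25, 5)]
    + ["1999-06-09T07:01:30 539 jsmith WKS17"]
)

def unprotected_guessing(lines, threshold=5, window=timedelta(minutes=10)):
    """Return {account: peak failures in window} for accounts that exceeded the
    lockout threshold without a lockout event ever being logged for them."""
    recent = defaultdict(list)  # account -> failure timestamps inside the window
    locked = set()              # accounts for which a lockout was observed
    flagged = {}
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue            # skip malformed records
        ts, event, account, _workstation = parts
        when = datetime.fromisoformat(ts)
        key = account.lower()   # NT account names are case-insensitive
        if event == LOCKED_OUT:
            locked.add(key)
            flagged.pop(key, None)  # policy is being enforced for this account
        elif event == BAD_PASSWORD:
            times = recent[key]
            times.append(when)
            while when - times[0] > window:
                times.pop(0)        # drop failures older than the window
            if len(times) > threshold and key not in locked:
                flagged[key] = max(flagged.get(key, 0), len(times))
    return flagged

if __name__ == "__main__":
    for account, count in unprotected_guessing(SAMPLE).items():
        print(f"{account}: {count} failed logons in window, no lockout recorded")
```

Set `threshold` to the domain's configured lockout count so that any account reported is one the policy is not covering.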