er... right click properties -> disable account? :D
well with all you registry hax0rz... im sure there must be SOMEWHERE where you can remove it. btw, if every windows2000 pc has built in admin & guest accounts, do you think the SIDs for those 2 accounts are the same on every pc or they are randomly created for each installation? stephen. -- Success On Hold (www.soh.co.za) [EMAIL PROTECTED] tel: (031) 207 4811 On Wed, 4 Jun 2003, dave wrote: > Actually Paris you can in theory "disable" the default admin. It just takes > a few tricks > > > > _____________________ > Dave Kleiman > [EMAIL PROTECTED] > www.netmedic.net > > > > > -----Original Message----- > From: Paris Stone [mailto:[EMAIL PROTECTED] > Sent: Wednesday, June 04, 2003 13:59 > To: stephen at unix dot za dot net; dave > Cc: [EMAIL PROTECTED] > Subject: RE: About default sharing folders in Windows > > Can't delete Administrator or Guest. Rename & Disable them, then create > dummy > accounts with those two default names. All acl's are checked against the > SID's not > the actual name and the SID's won't change with a rename. Therefore if you > can't > delete it and renaming it won't remove the assignments, you're hosed. There > are > tools out there that will scan your filesystem for rights, can't remember > any just > now. Audit the system and manually remove rights. > > stephen at unix dot za dot net ([EMAIL PROTECTED]) wrote: > > > > > >how about deleting the admininistrator account (killing that sid) > >recreating a new account, redoing the privileges for that account, > >and adding the new username to the administrator or appropriate group. > > > >then 'hack the registry' :D > > > >then you should be left with a box with no default shares, > >administrator/guest default accounts are non-existant, and the new ones > >have new SIDs. > > > >that a possible solution? > > > >oh yeh, this is my first post :D > > > > > >stephen > > > > > > > >[EMAIL PROTECTED] > >tel: (031) 207 4811 > > > > > > > >On Tue, 3 Jun 2003, dave wrote: > > > >> It is best to "disable" the built in administrator account. > >> > >> Dave > >> > >> > >> > >> _____________________ > >> Dave Kleiman > >> [EMAIL PROTECTED] > >> www.netmedic.net > >> > >> > >> > >> -----Original Message----- > >> From: David Gillett [mailto:[EMAIL PROTECTED] > >> Sent: Monday, June 02, 2003 17:38 > >> To: [EMAIL PROTECTED] > >> Subject: RE: About default sharing folders in Windows > >> > >> > I strongly suggest renaming the local Administrator and Guest account > >> > to something that is not easily guessed at. In addition, you should > >> > probably create "dummy" accounts named "Administrator" and "Guest" > >> > that have no rights/no group memberships and are disabled. Monitor > >> > the dummy accounts closely for log in attempts. > >> > >> Note that there's no point to this unless you *also* disable the > ability > >> to enumerate accounts over a null connection. The renamed Administrator > >> account will be trivial to spot by its ID otherwise. > >> > >> David Gillett > >> > >> > >> > >> > --------------------------------------------------------------------------- > >> > ---------------------------------------------------------------------------- > >> > >> > >> > >> > >> > >> > --------------------------------------------------------------------------- > >> > ---------------------------------------------------------------------------- > >> > >> > > > > > >--------------------------------------------------------------------------- > >--------------------------------------------------------------------------- > - > > > > -- > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Paris Stone > CISSP, CCNP, CNE, MCSE > CIW Master Administrator / Security Analyst, NSA > http://www.ciscoinstructor.net/ > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > "The rich man is not the one with the most, but the one who needs the least" > > > > --------------------------------------------------------------------------- > ---------------------------------------------------------------------------- > > > > > --------------------------------------------------------------------------- ----------------------------------------------------------------------------
