> I strongly suggest renaming the local Administrator and Guest account > to something that is not easily guessed at. In addition, you should > probably create "dummy" accounts named "Administrator" and "Guest" > that have no rights/no group memberships and are disabled. Monitor > the dummy accounts closely for log in attempts.
Note that there's no point to this unless you *also* disable the ability to enumerate accounts over a null connection. The renamed Administrator account will be trivial to spot by its ID otherwise. David Gillett --------------------------------------------------------------------------- ----------------------------------------------------------------------------