Correct me if I'm wrong, but as I know, you can't delete the built in accounts on W2k. Thus, the best way to improve security is renaming those accounts and creating dummy ones.
Guilherme -----Original Message----- From: stephen at unix dot za dot net [mailto:[EMAIL PROTECTED] Sent: Wednesday, 4 de June de 2003 6:24 AM To: dave Cc: [EMAIL PROTECTED] Subject: RE: About default sharing folders in Windows how about deleting the admininistrator account (killing that sid) recreating a new account, redoing the privileges for that account, and adding the new username to the administrator or appropriate group. then 'hack the registry' :D then you should be left with a box with no default shares, administrator/guest default accounts are non-existant, and the new ones have new SIDs. that a possible solution? oh yeh, this is my first post :D stephen -- Success On Hold (www.soh.co.za) [EMAIL PROTECTED] tel: (031) 207 4811 On Tue, 3 Jun 2003, dave wrote: > It is best to "disable" the built in administrator account. > > Dave > > > > _____________________ > Dave Kleiman > [EMAIL PROTECTED] > www.netmedic.net > > > > -----Original Message----- > From: David Gillett [mailto:[EMAIL PROTECTED] > Sent: Monday, June 02, 2003 17:38 > To: [EMAIL PROTECTED] > Subject: RE: About default sharing folders in Windows > > > I strongly suggest renaming the local Administrator and Guest > > account to something that is not easily guessed at. In addition, > > you should probably create "dummy" accounts named "Administrator" > > and "Guest" that have no rights/no group memberships and are > > disabled. Monitor the dummy accounts closely for log in attempts. > > Note that there's no point to this unless you *also* disable the > ability to enumerate accounts over a null connection. The renamed > Administrator account will be trivial to spot by its ID otherwise. > > David Gillett > > > > ---------------------------------------------------------------------- > ----- > ---------------------------------------------------------------------------- > > > > > > ---------------------------------------------------------------------- > ----- > ---------------------------------------------------------------------------- > > --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
