Hosting Provided By

Re: About default sharing folders in Windows

From: Roger A. Grimes <rogerg(at)cox.net>
Date: Wed Jun 04 2003 - 14:39:23 EDT

FYI, you can delete the administrator account with a free third party utility. I forget its name off the top of my head, but it's discussed in Hacking Exposed Windows 2000.

Of course, I've never been brave enough to try it in a production environment.

Roger

*Roger A. Grimes, Computer Security Consultant
*CPA, MCSE (NT/2000), CNE (3/4), A+
*email: rogerg@cox.net
*cell: 757-615-3355
*Author of Malicious Mobile Code:  Virus Protection for Windows by O'Reilly
*http://www.oreilly.com/catalog/malmobcode
****************************************************************************
******

Original Message ----- From: "Paris Stone" <paris@ciscoinstructor.com> To: "stephen at unix dot za dot net" <stephen@unix.za.net>; "dave" <dave@netmedic.net> Cc: <security-basics@securityfocus.com> Sent: Wednesday, June 04, 2003 1:59 PM Subject: RE: About default sharing folders in Windows

> Can't delete Administrator or Guest. Rename & Disable them, then create
dummy
> accounts with those two default names. All acl's are checked against the
SID's not
> the actual name and the SID's won't change with a rename. Therefore if
you can't
> delete it and renaming it won't remove the assignments, you're hosed.
There are
> tools out there that will scan your filesystem for rights, can't remember
any just
> now. Audit the system and manually remove rights.
ability
> >> to enumerate accounts over a null connection. The renamed
Administrator
> >> account will be trivial to spot by its ID otherwise.
> >>
> >> David Gillett
> >>
> >>
> >>
>
>> -------------------------------------------------------------------------

--

>

>> -------------------------------------------------------------------------

---

> >>

> >>

> >>

> >>

> >>

>

>> -------------------------------------------------------------------------

--

>

>> -------------------------------------------------------------------------

---

> >>

> >>

> >

> >

>

>---------------------------------------------------------------------------

>

>---------------------------------------------------------------------------

-

> >

>

> --

> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

> Paris Stone

> CISSP, CCNP, CNE, MCSE


least"

>

>

>

> --------------------------------------------------------------------------

-

> --------------------------------------------------------------------------

--

>



---------------------------------------------------------------------------
----------------------------------------------------------------------------

Received on Wed Jun 4 17:23:26 2003

This message: [ Message body ]
Next message: Aj Effin Reznor: "Re: Distressing, possibly life threatening emails from free accounts"
Previous message: Lariviere, Stephen: "RE: Is Citrix safe?"
In reply to Paris Stone: "RE: About default sharing folders in Windows"
Next in thread: dave: "RE: About default sharing folders in Windows"
Reply: Roger A. Grimes: "Re: Windows 2000 Registry"
Reply: Roger A. Grimes: "RE: Hard Drive Encrypting"
Reply: jeremy: "Re: Hard Drive Encrypting"
Reply: Alejandro Salgado: "RE: Hard Drive Encrypting"
Reply: Allan Foster: "RE: Hard Drive Encrypting"
Reply: Ng, Edward B: "RE: Hard Drive Encrypting"
Reply: Roger A. Grimes: "Re: Ten least secure programs"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:04:41 EDT