Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Renaming Administrator account

from [Daniel Kuhlmann] Network Security [Permanent Link]
Subject: Re: Renaming Administrator account
Date: Thu, 17 Nov 2005 13:55:06 +0100 

Besides worms etc. "obscurity" has another advantage. Footprinting is the 
hardest part of hacking. Not to reveal relevant information is [hopefully] not 
the only security, but an important line in your defense-in-depth. It just must 
not be so obscure that you are confusing yourself. So I suggest to disable the 
"-500 Admin" and to use personalized admin-accounts, especially when you have 
some colleges that have admin-rights too. If you are locked out, you can always 
use the "disabled" -500 Admin in Secure Mode. If you disable NetBIOS/anonymous 
bind, the (external) hacker is relatively blind, so you can even use 
descriptive names like "admin-daniel". To be better protected against internal 
attacks you can change a security descriptor in AD so the membership of your 
admin-group can only be read by the relevant services (I don't remember the 
exact title - something like "Securing AD - Day by Day operations"). But I 
think this is already on the evil side of hardening and the hint!
  was for win2000 anyway. 

regards,
Daniel


"Derick Anderson" <danderson@vikus.com> schrieb am 15.11.05 23:24:43:


Is changing the Administrator account name really worthwhile or not? My
largely unfounded, sparsely researched opinion is this:


______________________________________________________________________
XXL-Speicher, PC-Virenschutz, Spartarife & mehr: Nur im WEB.DE Club!            
Jetzt gratis testen! http://freemail.web.de/home/landingpad/?mc=021130


---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: ISA Server or Firewall Appliance?, James Eaton-Lee
Next by Date:  RE: ISA Server or Firewall Appliance?, Nick Wells
Previous by Thread:  RE: Renaming Administrator account, Laura A. Robinson
Next by Thread:  SecurityFocus Microsoft Newsletter #265, Marc Fossi
Indexes:  [Date] [Thread] [Top] [All Lists]