Odd Behavior in Windows XP Home

From: Cullen Johnson (johnson.jc.1@PG.COM)
Date: 01/18/02


Date:         Fri, 18 Jan 2002 16:51:37 -0500
From: Cullen Johnson <johnson.jc.1@PG.COM>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

I found something unexpected when configuring Windows XP Home Edition. It
appears that disabling the guest account (from the User Accounts tool) only
removes the Log On Local right. Guest users are still able to connect to shared
resources across the network.

Microsoft Knowledge Base article q300489 describes this behavior and states that
it is by design.

I found this when our anti-virus reported Nimda infected files on a directory we
never use. The event log reported that 3 different workstations had connected
to the computer as Guest.

Needless to say, we've learned a lot about firewalls in the last days.

Cullen Johnson

============================================================================
Delivery co-sponsored by VeriSign - The Internet Trust Company
============================================================================
FREE E-COMMERCE SECURITY INFRASTRUCTURE GUIDE
When building an e-commerce site, you want to start with a strong, secure
foundation. Learn how with VeriSign's FREE White Paper, "Building an
E-Commerce Trust Infrastructure." See how you can authenticate your site to
customers, use 128-Bit SSL encryption to secure your web servers, and accept
secure payments online. Click here:
http://www.verisign.com/cgi-bin/go.cgi?a=n116965650045000
============================================================================