Re: Renaming Administrator account

From: Daniel Kuhlmann (dakuhlmann_at_web.de)
Date: 11/17/05

  • Next message: Nick Wells: "RE: ISA Server or Firewall Appliance?" 
    Date: Thu, 17 Nov 2005 13:55:06 +0100
To: focus-ms@securityfocus.com

    Besides worms etc. "obscurity" has another advantage. Footprinting is the hardest part of hacking. Not to reveal relevant information is [hopefully] not the only security, but an important line in your defense-in-depth. It just must not be so obscure that you are confusing yourself. So I suggest to disable the "-500 Admin" and to use personalized admin-accounts, especially when you have some colleges that have admin-rights too. If you are locked out, you can always use the "disabled" -500 Admin in Secure Mode. If you disable NetBIOS/anonymous bind, the (external) hacker is relatively blind, so you can even use descriptive names like "admin-daniel". To be better protected against internal attacks you can change a security descriptor in AD so the membership of your admin-group can only be read by the relevant services (I don't remember the exact title - something like "Securing AD - Day by Day operations"). But I think this is already on the evil side of hardening and the hint!
      was for win2000 anyway.

    regards,
    Daniel

    "Derick Anderson" <danderson@vikus.com> schrieb am 15.11.05 23:24:43:

    > Is changing the Administrator account name really worthwhile or not? My
    > largely unfounded, sparsely researched opinion is this:

    ______________________________________________________________________
    XXL-Speicher, PC-Virenschutz, Spartarife & mehr: Nur im WEB.DE Club!
    Jetzt gratis testen! http://freemail.web.de/home/landingpad/?mc=021130

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

  • Next message: Nick Wells: "RE: ISA Server or Firewall Appliance?"