Re: Faking administrators accounts?

From: x y (jamescagney90210@excite.com)
Date: 06/17/02


From: "x y" <jamescagney90210@excite.com>
Date: Mon, 17 Jun 2002 09:08:29 -0400


You could change the SID by disabling the administrator account and creating
other accounts with administrator privileges. It's frequently recommended
that each admin have their own administrator-equivalent account [in addition
to their normal non-privileged account] and avoid using generic shared
accounts such as "administrator" whenever possible, for better security and
accountability. However, someone who can get the login ID from the sid can
also probably enumerate your login IDs and possibly determine what groups
those IDs are in, as well as a lot of other stuff you don't want. In case
it wasn't already mentioned in this thread, there are settings you can
change to mitigate these risks, such as the RestrictAnonymous setting as
well as using firewalls.

"Daniel Masur" <d.masur@.d-s-a-g.nospam.de> wrote in message
news:eMnyTSfFCHA.2424@tkmsftngp04...
> "Ingmar Koecher" <ingmar.newsgroup@netikus.spam.net> schrieb im
Newsbeitrag
> news:adjb2h$tu5$1@msunews.cl.msu.edu...
> > The idea behind this is simple. Generally it's recommended to rename the
> > "Administrator" account to something else - the best would be normal
> > username ;-), so that an intruder not only has to find out the password
> but
> > also the username.
>
> But what about the uid?
> Afaik, the admin account has the uid 501.
> By simply renaming it the uid should remain the same.
>
> So the renamed admin account would still be gainable by trying the uid.
>
> Or am i wrong?
> -Daniel Masur
>
>



Relevant Pages

  • Re: Please help, no administrator access!
    ... hidden admin account i had to admin to activate it, ... clicked command prompt ... of keys in the form of another administrator account just in case. ...
    (microsoft.public.windows.vista.security)
  • Re: Vista Security Problem
    ... Have you changed any security permissions on files recently? ... Using the built-in administrator account, start the local group policy editor for both the local computer and your normal username: ... > running yet I cannot find the security service in admin tools/computer ...
    (microsoft.public.windows.vista.general)
  • Re: Recovery from total hack
    ... full admin permissions and then disable Administrator Account. ... Well of course passwords should be strong :-) ... ...
    (microsoft.public.win2000.security)
  • RE: windows xp servicepack 2
    ... "Access Denied" error when trying to install SP2 ... Log onto the computer via the built in administrator account (in Win XP Home ... and only remaining admin account does not have full admin priviledges. ...
    (microsoft.public.windowsupdate)
  • Re: Basic Authentication + IIS 5 + Windows 2000 + Frontpage 2002 = failure?
    ... administrator account -- we should have no problems at least browsing to ... server. ... | authentication dialog box. ...
    (microsoft.public.inetserver.iis.security)