Re: Network Hacking

From: Steven L Umbach (sumbach@ameritech.net)
Date: 02/20/03 

From: "Steven L Umbach" <sumbach@ameritech.net>
Date: Thu, 20 Feb 2003 20:10:55 GMT

         Really?? Physically securing your computers, especially domain
controllers is an absolute must. Set a very hard to guess password on the
administrator account. Change passwords on all administrator accounts, use
password policies that specify password length, complexity, duration, and
lockout. Be sure to audit log on attempts. Keep administrators group
membership to absolute minimum and allow admininstrors to use their
adminisrative account only when they have to and from specific secure
machines. If you have any W98/95 machines be aware of their weak lm
authentication that can be upgraded by installing Active Directory Client.
Never use same administrative password on a local machine account as on the
domain - workstations can have their passwords easily cracked. You should
ALWAYS assume someone is going to try to hack your network. Here are some
links. -- Steve

http://www.labmice.net/articles/securingwin2000.htm
http://securityadmin.info/faq.htm
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
default.asp
http://www.bookpool.com/.x/hmc35ekcri/sm/0072192623

"Vanguyver" <vanguyver@hotmail.com> wrote in message
news:011201c2d909$e1b8e880$a101280a@phx.gbl...
> I work for a small University. I was just informed that
> one of the professors is teaching a class on hacking.
> This professor is showing his students how to hack into a
> Microsoft systems. He instructed his students to attempt
> hacking to the Universities network. There grades are
> based on how many administrative passwords they are able
> to obtain. I am not that verse with hacking methods.
> Are there any website, books or programs that I could get
> to bring me up to speed very quickly? Also, are there
> any immediate security features I should check? If any
> of the students successfully hack into our network, all
> employees and students SSN, grade, and other personal
> information will be compromised.
>
>
> Any Advise would be greatly appreciated.
>

Relevant Pages

  • Administrator password during WinXP installation?
    ... password when WinXP Professional boots up to the WinXP ... Professional installation for the Administrator account ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Help - administrator locked out!
    ... a DC the local administrator account 'goes away'. ... pretty sure I should be able to remember the local admin password. ... The Administrator account shouldn't have it's password set to expire ... I'm not knocking your career choice but it's your practices that got ...
    (microsoft.public.windows.server.general)
  • Re: Network Hacking
    ... I never use the default administrator account, ... Passwords should be a random combination of upper case, ... He instructed his students to attempt ...
    (microsoft.public.win2000.security)
  • RE: Corrupt Administrator Account?
    ... Thank you for posting in SBS newsgroup. ... Standard SP1 and an Administrator account can not log onto any client ... it will have the administrator privilege on your workstation. ...
    (microsoft.public.windows.server.sbs)
  • Re: Document and settingsAdministrator folder missing
    ... If your computer is working fine, having the Administrator account active on ... Booting into Safe Mode should not be a problem as your other accounts would be ... I have this folder before and I have logged in as administartor when I first ...
    (microsoft.public.windowsxp.general)