Re: Network Hacking

From: George (gelectric@mail.net)
Date: 08/15/00

• Next message: Vanguyver: "Network Hacking"
• Previous message: Charles Gregory: "Win2k Pro in NT4.0 Domain Environment"
• In reply to: Vanguyver: "Network Hacking"
• Next in thread: Vanguyver: "Network Hacking"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "George" <gelectric@mail.net>
Date: Tue, 15 Aug 2000 14:51:16 -0500

I never use the default administrator account, always rename it to something
else. Also, set up a dummy account with the name administrator with no
rights and turn on auditing to see if someone is trying to use the username
administrator.

I belive there is a NT utility that can cause the administrator account (or
whatever you re-named it) to be locked out after 3 failed logon attempts,
only remote logons, not local logons. Sorry, can't remember the name of it.
Syskey maybe?

Passwords should be a random combination of upper case, lower case letters
plus numbers. Even punctuation marks like "!". Never use dictionary words
(any real word that might be in a dictionary). Some people recommend a 7
letter or 14 letter password as best (due to legacy windows authentication
on mixed networks). Passwords can be split into 2 pieces and cracked
separately. A nine-letter password might be easy to crack - split into a 7
and a 2 letter chunk, crack the 2-letter chunk (easier), then look for all
dictionary words that end in those last 2 letters for example.

George

"Vanguyver" <vanguyver@hotmail.com> wrote in message
news:011201c2d909$e1b8e880$a101280a@phx.gbl...
> I work for a small University. I was just informed that
> one of the professors is teaching a class on hacking.
> This professor is showing his students how to hack into a
> Microsoft systems. He instructed his students to attempt
> hacking to the Universities network. There grades are
> based on how many administrative passwords they are able
> to obtain. I am not that verse with hacking methods.
> Are there any website, books or programs that I could get
> to bring me up to speed very quickly? Also, are there
> any immediate security features I should check? If any
> of the students successfully hack into our network, all
> employees and students SSN, grade, and other personal
> information will be compromised.
>
>
> Any Advise would be greatly appreciated.
>

---

• Next message: Vanguyver: "Network Hacking"
• Previous message: Charles Gregory: "Win2k Pro in NT4.0 Domain Environment"
• In reply to: Vanguyver: "Network Hacking"
• Next in thread: Vanguyver: "Network Hacking"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Network Hacking ... controllers is an absolute must. ... administrator account. ... Change passwords on all administrator accounts, ... He instructed his students to attempt ... (microsoft.public.win2000.security) Re: Generate password from computer name ... Why do you want/need unique administrator passwords? ... I'm thinking right now to use the workstation name as the ... > machine's Administrator account password is. ... (microsoft.public.win2000.cmdprompt.admin) Re: Delete all Passwords? ... The students are making themselves "Administrators", ... safe mode and creating new "Administrator" accounts with their own passwords, ... > Any Administrator can do and undo anything any Administrator can do. ... (microsoft.public.windowsxp.accessibility) Re: Changing Administrative Rights ... passwords in there. ... of the regular users group - not administrators. ... If you decide not to use the administrator account very ... (microsoft.public.win2000.security) Administrator password during WinXP installation? ... password when WinXP Professional boots up to the WinXP ... Professional installation for the Administrator account ... (microsoft.public.windowsxp.security_admin)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)