Re: Securing against an internet based intrusion

In news:rb2vv1h7emejrmtqi36g4as3c74bb7mkdl@xxxxxxx,
Ari <nomail@xxxxxxxx> typed:
I like to run a tight ship and have taken some security measures to
help keep my system more secure. One topic I've never seen discussed
before is what measures the OS takes if it detects multiple guesses of
the administrators password via the internet-which is likely an
attempt to gain unauthorized access.

I have renamed the administrators account to an unusual name, so
(presumably) an intruder has to somehow figure out the account name
that has administrative privileges. But, let's say this has been done,
and the intruder begins guessing passwords, hoping I was stupid enough
to use a blank line or an easy to guess password (such as

What is to stop the intruder from running all the possible
combinations of passwords until the system unlocks for him (or her).

Clearly, such an attack should (at the very minimum) alert the
keyboard operator and should slow down acceptance of guesses to give
the kb operator more time to respond. But, stopping the computer from
operating if this is detected amounts to an easy means of launching a
denial of service, clearly shutting down the computer is
not an option.

Just exactly what does XP do when it detects multiple wrong guesses of
the administrators password? Is this issue someting I don't need to
worry about (because XP has it covered), or does XP sit there and
watch it happen?



I don't know whether account lockout will do anything in XP, but first step
is getting a good firewall in place between your computer and the Internet
modem/router you use - even if you use the XP firewall as well. Don't allow
any inbound traffic at all, and you're in decent shape. Depending on the
model, you may be able to turn up logging such that you can see what people
(or hijacked computers) are trying to do - even dump it out to a syslog
If you use wireless, don't use a wide open access point - use WPA at
Use a good, long, complex password on your default administrator account,
and also on your own account (and don't put your own account in the
Administrators group).


Relevant Pages

  • Re: Event ID: 1202
    ... No mapping between account names and security IDs was ... SeIncreaseBasePriorityPrivilege = Administrators ... "Meinolf Weber" wrote: ... A user account in one or more Group policy objects (GPOs) could not ...
  • Re: Rid AD of Circular Group Membership
    ... I'll try to keep this going; because it might be useful to another admin ... The quess is each has an account and uses it, ... part of stations) into the machine local Administrators group. ... Administrators Group has a members: ...
  • Re: Event ID: 1202
    ... No mapping between account names and security IDs was done. ... User Rights configuration completed with error. ... SeIncreaseBasePriorityPrivilege = Administrators ... unresolvable account exists only in one GPO. ...
  • Re: Program Problems for non-administrators
    ... The user cant burn CDs because the media player absolutely wont function in her account but switch it to an administrator and all is well. ... User accounts will say they have an older version of a program but the administrators account says everything is up to speed. ... Quite simply, the installation routine for this application doesn't "know" how to handle individual user profiles, or the application tries to make changes to "off-limits" sections of the registry or protected Windows system folders. ... you can make this software available to other users by _copying_ the Start Menu folder and Desktop folder shortcuts from the user profile from which the software was installed in the corresponding folders in the user profilein which you'd like the software to be accessible. ...
  • Re: How to prevent ownership change by users with admin rights?
    ... I also have my private account on the ... > other private account is a member of the "Administrators" group. ... > I have created a private folder on the machine that has its security ...