Re: Hack Attempt on Windows 2003 AD Native
From: stuartm (stuart.maxwell_at_gmail.com)
Date: 11/25/04
- Next message: Denis Wong _at_ Hong Kong: "RE: SDC Active directory not responding"
- Previous message: Steven Lim: "Re: How to make the 2000 server hold the FSMO roles?"
- In reply to: Herb Martin: "Re: Hack Attempt on Windows 2003 AD Native"
- Next in thread: Herb Martin: "Re: Hack Attempt on Windows 2003 AD Native"
- Reply: Herb Martin: "Re: Hack Attempt on Windows 2003 AD Native"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 25 Nov 2004 15:02:00 +1300
The admin account's SID always ends with 500 so it's easy to spot. There
is also a registry key which can be set which prevents enumerating the
SID, but I can't find it at the moment - perhaps someone else could post it?
S.
on 25/11/2004 6:18 a.m. Herb Martin said the following:
> The Admin account is a well-known SID and so the renaming
> (which we all do anyway) is not really a significant security
> step (except against the naive hacker who depends on the name.)
>
- Next message: Denis Wong _at_ Hong Kong: "RE: SDC Active directory not responding"
- Previous message: Steven Lim: "Re: How to make the 2000 server hold the FSMO roles?"
- In reply to: Herb Martin: "Re: Hack Attempt on Windows 2003 AD Native"
- Next in thread: Herb Martin: "Re: Hack Attempt on Windows 2003 AD Native"
- Reply: Herb Martin: "Re: Hack Attempt on Windows 2003 AD Native"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
