Re: XP home Administrative Password Hacked Over internet..HOW?
- From: "C J." <no.reply@xxxxxxxxxxxxxxx>
- Date: Mon, 11 Jun 2007 22:28:27 -0700
Yerdun <Yerdun@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
A friend of mine informed me that her win XP home administrative
password has been hacked. Her son was playing Runescape and annoyed
another player. The other player, in turn, Hacked into her computer
and changed her administrative password. At least that is the theory.
The theory hold some waters because she said that she can acceses the
password hint question and it has been changed to HAHAHmother!#$%ers.
Her windows is fully updated.
My question is, How was it done? What settings are most likely the
cause of the security breach?
And how about a list like " Top 10 things you should do after
reinstalling XP to secure your PC"
Hi Yerdun,
The list of things to do is a long one. Getting web smart is at the top of
the list for both Mom and her kid. Obviously, the person the kid ticked
off - took advantage of lax security settings they found on the moms
computer system - and then they made changes to her administrator account
while he was online. Sounds like it might of been done by some kind of a
script he ran against their IP number. Do you know if he accepted any files
from anyone in the Game area or not?? Just based on the Hint Question he
modified... the guy could have inserted a password in there you'll never
figure out.
1 Place to visit to learn how to bone up a PC's security:
www.blkviper.com <- this guy knows his stuff about setting Windows Xp Home
and Pro up safely. I wish more folks would take a look at his site and
then put some of his "services.msc" recommendations to use where they're
applicable to their PCs XP configuration and security.
Make sure they have a good software Firewall, and have it set up to notify
them when any unauthorized connection is being attempted to resources or
services on their system - and from where.
After getting the Administrator account password reset to a pass phrase,
Rename the account from "Administrator" to Spongebob or Fred or some other
name she choses.
If Applicable: also Rename and Disable the built in GUEST account. This can
be done from inside of Computer Management in Administrative tools: Computer
management, Local Users and Groups, Users folder
In Administrative tools, Local Security settings, Security options... Scroll
down to, and check the following settings:
1. 'Network Access: Allow Anonymous SID/Name translation' is set to
DISABLED.
And
2. ' Network Access: Do Not Allow Enumeration of SAM Accounts' is ENABLED.
I can't think of anything else at the moment. Perhaps some other folks will
give you some more input.
.
- Prev by Date: Re: How do i keep a ping command every 10/20 seconds
- Next by Date: Re: How do i keep a ping command every 10/20 seconds
- Previous by thread: Re: Intel Quad-core CPU's
- Next by thread: Re: Can not do backups
- Index(es):
Relevant Pages
|
