PCBUILD Archives

Personal Computer Hardware discussion List

PCBUILD@LISTSERV.ICORS.ORG
Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Q. about Windows Registry Entry
From:
David Gillett <[log in to unmask]>
Reply To:
PCBUILD - Personal Computer Hardware discussion List <[log in to unmask]>
Date:
Sun, 4 Sep 2005 03:12:10 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (29 lines) 
On 3 Sep 2005 at 14:19, David wrote:

> I am running Windows 2000.  Out of the box, of course, it had an
> administrator account called, of all things, Administrator.  For
> security reasons I changed its name to, let's say, George.  I also
> created a regular user account which I use for everyday purposes.

  Using a regular account for everyday purposes is a good idea.  Renaming
the Administrator account doesn't achieve much, though, unless you also
enable the security policy entry that limits anonymous sessions, and even
then the protection is incomplete.

  In the NT family of Windows versions -- NT, 2000, XP/2003 -- each account
has a name and an SID (Security ID), and the SID is what matters.  So any
hacker or piece of malware that can browse the list of accounts can ignore
what the accaount is named and just look for the one whose SID proclaims "I
am THE Administrator account".
  In NT and 2000, by default anyone that can make a network connection to
the machine can, by default, check out the list of accounts, and you have to
disable that explicitly.  With XP, the attacker has to be running on a
logged-in account to get to that info -- usually true of a virus, but harder
for an Internet hacker to achieve.

David Gillett

         PCBUILD maintains hundreds of useful files for download
                     visit our download web page at:
                  http://freepctech.com/downloads.shtml

ATOM RSS1 RSS2