
Re: name of built-in administrator


  • To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
  • Subject: Re: name of built-in administrator
  • From: David LeBlanc <dleblanc@MINDSPRING.COM>
  • Date: Tue, 5 May 1998 10:39:32 -0400
  • Comments: To: Luke Kenneth Casson Leighton <lkcl@SWITCHBOARD.NET>
  • In-Reply-To: <199805051407.KAA18480@camel16.mindspring.com>
  • Reply-To: David LeBlanc <dleblanc@MINDSPRING.COM>
  • Sender: Windows NT BugTraq Mailing List <NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>

At 11:08 AM 5/5/98 +0000, Luke Kenneth Casson Leighton wrote:
>with the user2sid, sid2user and smbclient from BRANCH_NTDOM (see
>http://samba.anu.edu.au.cvs.html) you don't _need_ to actually log in as
>Administrator in order to obtain the information [converting the NT Admin
>Group or User RID to its current user or group name].

>if you have put "RestrictAnonymous" in then you only need an ordinary user
>account.  if you have not, then you can connect with a NULL session and
>request the above information.

Even if RestrictAnonymous is set, the user2sid and sid2user programs (or
anything else based on LookupAccountName() and LookupAccountSid()) are
going to work if I either have or can guess just _one_ account name.  Until
these are fixed, it is completely _useless_ to rename the administrator
account.  Note that there is one account name on the machines that _cannot_
be changed, so that you can ALWAYS get the machine RIDs that you need.
There may be another method to do the same thing, but that needs a bit of
investigation.

Thus if I can get a null session, I can ALWAYS get your administrator name.
Once Microsoft gives us some way to control the behavior of
LookupAccountXXX(), it might be useful to change the name, but I still feel
like restricting the account properly (as I detailed in my reply to this
thread on 4/29) is the best solution.  As a reality check, you don't see
many UNIX boxes with root renamed - but you see plenty of them where you
can't log in as root from the network.


David LeBlanc
dleblanc@mindspring.com
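The point LeBlanc makes above (the built-in Administrator is identified by its RID, 500, so LookupAccountName() on any one known account followed by LookupAccountSid() on the rebuilt SID returns the current name, whatever it was renamed to) can be verified by an administrator on their own machine. The script below is an added audit example, not code from the original post or from the Samba tools it mentions; it uses the .NET SecurityIdentifier/NTAccount wrappers around the same two Win32 lookups and then reads the RestrictAnonymous value the thread refers to. It assumes a local Guest account exists to serve as the one known name (any resolvable account will do), and that it runs in an elevated PowerShell session on a Windows host you administer.

```powershell
# Added audit example (not part of the original NTBugtraq post).
# Shows locally why renaming the built-in Administrator is cosmetic: the
# account is identified by RID 500, and LookupAccountSid (reached here via
# SecurityIdentifier.Translate) returns whatever name it currently carries.
param(
    # Any account name whose SID resolves; Guest is assumed to exist here.
    [string]$KnownAccount = "$env:COMPUTERNAME\Guest"
)

# Step 1: name -> SID (the LookupAccountName / user2sid step)
$knownSid = ([System.Security.Principal.NTAccount]$KnownAccount).Translate(
    [System.Security.Principal.SecurityIdentifier])

# Step 2: drop the RID to obtain the machine (or domain) SID
$domainSid = $knownSid.AccountDomainSid

# Step 3: rebuild the SID of the built-in Administrator, RID 500
$adminSid = New-Object System.Security.Principal.SecurityIdentifier(
    [System.Security.Principal.WellKnownSidType]::AccountAdministratorSid,
    $domainSid)

# Step 4: SID -> current name (the LookupAccountSid / sid2user step)
$adminName = $adminSid.Translate([System.Security.Principal.NTAccount]).Value

[pscustomobject]@{
    KnownAccount      = $KnownAccount
    MachineSid        = $domainSid.Value
    AdministratorSid  = $adminSid.Value
    AdministratorName = $adminName   # whatever the account has been renamed to
}

# Step 5: report the RestrictAnonymous setting discussed in the thread.
# An absent value behaves as 0, i.e. anonymous (null session) enumeration
# is not restricted.
$lsa = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$ra  = (Get-ItemProperty -Path $lsa -Name RestrictAnonymous `
        -ErrorAction SilentlyContinue).RestrictAnonymous
if ($null -eq $ra) { $ra = 0 }
"RestrictAnonymous = $ra"
```

Running this after renaming the Administrator account still prints the new name under AdministratorName, which is the "reality check" LeBlanc describes: the defence that actually matters is restricting what the account can do and where it can log on from, together with RestrictAnonymous to close the null-session path, not the name itself.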