Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

Re: [lists] Terminal Server vulnerabilities
From: Jan Muenther <jan.muenther () nruns com>
Date: Thu, 27 Jan 2005 17:18:14 +0100
There are ways to find out the usernames that are admin they begin with 500_
( do a Google search if you want )

Any script kiddy worth his salt will tell u this... So this one is off
because renaming admin account will only be security thru obscurity witch is
not good for the internet...


It's also only possible when you've got NetBIOS/CIFS open to the Internet, 
which is something even worse on the Internet. Even though the SID/RID of the
administrator can be determined remotely under these conditions, I'd
still recommend the renaming of the account as a standard hardening procedure. 

And fwiw, the fact that a security safeguard can be overcome is not a reason to
completely disregard it. With this argumentation, you could sell your firewalls.

Cheers, j.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]