-
Thanks for the tidbit about the Recovery Console. With all the addins this is turning out to be a good write-up. Seems like you and Tiger Shark have sort of the same technique. I like that technique, sounds very secure. Right now I have 5 accounts on my computer. The built in admin and guest accounts, both renamed and password protected. Then I have a limited user account named Administrator, password protected. I also have the account which is created when you first install which is an admin account. Does anyone know how to get rid of that or can you just downgrade from the builtin admin account to a limited user account? Last I have an extra guest account. Right now I have it set up to where the account created at install(an admin account) has access to my shared files. I really should change that to a limited user account, which I will do when I get home. Since I'm behind a firewall, I really don't have to worry that much anyway.
Thanks for your input Tiger Shark, disc0rd, and phishphreek80.
-
Heretic:
Your use of a new, limited, account called "administrator is a handy little "trap" that I use on some servers. As long as the machine can't produce a userlist, (Netbios ports are protected), then an attacker can't see the SID for administrator is not correct thus they may try a few guesses at the admin password because it can't be locked out - So, away they go
Administrator [no password] - failed
Administrator [admin] - failed
Administrator [password] - failed
Administrator [manager] "You account has been locked out - please see your administrator" - Oooooooops...... F@C%
Couple that with a reset time on locked out accounts under the Local or domain security policy of three days or more and even if there is a weekend in the way you will see the account is locked out when you return on monday and try to work......
Call it an early warning system...... ;)
-
Cool suggestion Tiger Shark, I have just done that lockout thing, only I set it for three hours instead of 3 days, which is ok because I am always on my computer. I guess it would be better to bump it up to 12 for when I'm asleep. Also, what did you set for the amount of time to reset the bad login attempts. I set that to one hour, you probably have it to never reset though. I did all this stuff how I did because I tend to hit the wrong keys a lot, so I could easily lock myself out, and I don't want to be locked out for too long if I do that. As for my tut, I like it a lot better after that last edit, and if anyone doesn't please explain why.
Thanks for the suggestion Tiger Shark.
-
Heretic:
Time between bad logins is 30 minutes..... Slows them down a lot.....
As to locking yourself out..... Why worry? Log in as the renamed admin and reset the account..... So set it for a longer lockout in case you take a few minutes off..... ;)
-
I'm so stupid, I was laying on my bed and saw my hd light blinking like there's no tomorrow and got really worried, and after all that securing, then I remembered I was downloading something on a p2p program. LOL. I guess I'm just paranoid. I haven't used any p2p programs in a while so I'm not as used to them anymore, so I kindof freaked out. Oh well, false alarm. Kindof funny though.
