Hey,
I've noticed that if you restart a box running XP into safe mode you can log into the administrator account and basically do whatever you want. Is there anyway to prevent this.
Printable View
Hey,
I've noticed that if you restart a box running XP into safe mode you can log into the administrator account and basically do whatever you want. Is there anyway to prevent this.
Well this is a hard question but you can do this: http://legalminds.lp.findlaw.com/lis.../msg00032.html or http://www.experts-exchange.com/Oper..._20289001.html
Those methods should work because you have XP which based of 2000 and so on.. try that and get back to me..
jag291
You can always log on as Administrator, unless they have renamed that account. Even if they use the GUI logon screen with the funky little pictures, just hit CTRL - ALT - DEL twice to get the usual logon prompt. Then you can type in Administrator and the password to logon.
I'm by no means a security guru, but have you changed the administrator account password yourself? I think I read somewhere that the default password for the admin account on Windows XP was there is no password, it's blank.
So if I were you I would open up control panel, go to User administration or accounts (or whatever it's called).
It may even be worth it to disable the administrator account, since attackers like to check default account names, and then set up an account with a different name that has administrative privaleges.
If I'm wrong about this, I hope someone can help you out because having your admin account wide open is a bad idea
Your right VicC, there is no password as a default but the user accounts doesn't have Adminstartion as a user.
All good suggestions, to be sure. Perhaps you might consider RENAMING the administrator account, therefore making it much more difficult for outsiders to gain access to your box. After all, the admin account is what most script kiddies are going to be looking for in the first place, and naturally "administrator" is the first thing they are going to try.
Hope this helped!
Thanks Jaguar291 for the method of "pausing" safe mode, but is there an alternative. I don't feel comfortable picking at my OS intestines.
Good suggestion allenb1963, but wouldn't the intruder notice a strange new account they didn't see before, I don't know I guess it would work but it just sounds so.... simple.
Thanks for the suggestion
Yes...there is
you can Password protect the Admin account....like any other..
Administrative tools-> Computer management
Find the admin account under the user list....password it...or rename it...do not delete it...you can't re-make that account..and it's the most powerfull account a user is allowed to have...
Noia ....back again ? you haven't been posting since 07-09-2003 02:37 PM what happened ..where were you ...just to let you know you have been missed :) ....
Since I've never tried disabling Safe Mode, I'm making a guess here: can't you just change the boot.ini file so that when its supposed to boot Safe Mode it boots normally?
jag291
Yes, you could do that....ooooor.....you can stear clear of your boot sequence and just password protect it like normal ppl.
hehe, Thanks Memory, been busy with my own site, summer holliday and all sorts of other stuff.
Well, we all can't be normal like you Noia! I like being different, you gotta problem with that...? ;)
jag291
Thanks Noia I'll try that.
BTW
You're right jaguar291, I guess I wasn't thinking. Sorry about that(I'm Polish :confused: )
Don't feel bad.. I'm Polish too... :)
Mowisz po Polsku? - Polish
jag291
hehe, I'm not normal, never said I was.......
tak, ja mowiem po polsku, ja niewiem jak pisac po polsku
Same here.. I had my dad help me write that sentence but still I speak Polish... :) Writing and reading are a challenge... :)
what? lolQuote:
tak, ja mowiem po polsku, ja niewiem jak pisac po polsku
somebody translate? roughly translated as i understand it ....it says something like : I dont know how to write in polish : .....:D
Yes, I speak Polish, I don't know how to write in Polish..
That's the best translation you'll get.. :)
thats awesome jaguar291, do u mind if i put you on my buddy list
LOL.. there's no need to ask.. :)
I renamed the admin account and password protected it. Then just to frustrate anyone who might ever manage to get in I made a very limited guest account and named it "administrator." Then to make it even more fun I put a password on it about 30 characters long including letters (upper and lower) numbers & symbols. So if anyone were to get in they will try to hit the admin account and have to crack that huge password just to get into a guest account that wont be able to do anything. :D
hehe, thats standard you know.
Theres a very good tut on Locking down XP machines in AO somewhere, I'm to lazy to find it, but I know it's there...
Windows XP was designed with a built in administrator account in safe mode to allow access even if you forgot your password and or change settings to accounts prevent breaches in security, etc.
The only way I'm aware to prevent people from not logging on is actually creating a account named "Adminstrator" and adding a "Password" that way when it boots in safe mode there is an account in normal mode named it and ask for a password.
Or you can go into "Computer-Management" and rename the account or just add a password. Up to you which way you'd like. People would be aware that you've got a "administrator" account but they wouldn't have password or you could rename it making it a little bit harder for people to actually find the account.
I really, really feel bad for the person who waste his time to crack that account just to find out it's a guest account. Uh, I would be so ticked. Good idea though.
Some months ago on another security forum we were talking about XP's hidden
account and some guy wrote that if any account in XP has a blank password no
remote login is avaliable to it he said that the only way somebody could get to
the hidden admin account would be if they had physical access to the computer.
hmmm...logging into safmode on XP allows you to login as admin? What will stop a power user from installing a VNC server service after admin loggin? Once that is done, the hacker will watch the screen and wait for the admin to goto lunch or something.