Question from a newb about XP flaw?

**syphon** · August 19th, 2003, 06:19 PM

Hey,

I've noticed that if you restart a box running XP into safe mode you can log into the administrator account and basically do whatever you want. Is there anyway to prevent this.

**jaguar291** · August 19th, 2003, 06:32 PM

Well this is a hard question but you can do this: http://legalminds.lp.findlaw.com/lis.../msg00032.html or http://www.experts-exchange.com/Oper..._20289001.html

Those methods should work because you have XP which based of 2000 and so on.. try that and get back to me..

jag291

***cross*** · August 19th, 2003, 06:33 PM

You can always log on as Administrator, unless they have renamed that account. Even if they use the GUI logon screen with the funky little pictures, just hit CTRL - ALT - DEL twice to get the usual logon prompt. Then you can type in Administrator and the password to logon.

**VicC** · August 19th, 2003, 06:33 PM

I'm by no means a security guru, but have you changed the administrator account password yourself? I think I read somewhere that the default password for the admin account on Windows XP was there is no password, it's blank.

So if I were you I would open up control panel, go to User administration or accounts (or whatever it's called).

It may even be worth it to disable the administrator account, since attackers like to check default account names, and then set up an account with a different name that has administrative privaleges.

If I'm wrong about this, I hope someone can help you out because having your admin account wide open is a bad idea

**syphon** · August 19th, 2003, 07:02 PM

Your right VicC, there is no password as a default but the user accounts doesn't have Adminstartion as a user.

***allenb1963*** · August 19th, 2003, 07:05 PM

All good suggestions, to be sure. Perhaps you might consider RENAMING the administrator account, therefore making it much more difficult for outsiders to gain access to your box. After all, the admin account is what most script kiddies are going to be looking for in the first place, and naturally "administrator" is the first thing they are going to try.

Hope this helped!

**syphon** · August 19th, 2003, 07:20 PM

Thanks Jaguar291 for the method of "pausing" safe mode, but is there an alternative. I don't feel comfortable picking at my OS intestines.

Good suggestion allenb1963, but wouldn't the intruder notice a strange new account they didn't see before, I don't know I guess it would work but it just sounds so.... simple.
Thanks for the suggestion

***Noia*** · August 19th, 2003, 07:26 PM

Yes...there is
you can Password protect the Admin account....like any other..
Administrative tools-> Computer management

Find the admin account under the user list....password it...or rename it...do not delete it...you can't re-make that account..and it's the most powerfull account a user is allowed to have...

**MemorY** · August 19th, 2003, 07:36 PM

Noia ....back again ? you haven't been posting since 07-09-2003 02:37 PM what happened ..where were you ...just to let you know you have been missed

....

**jaguar291** · August 19th, 2003, 07:37 PM

Since I've never tried disabling Safe Mode, I'm making a guess here: can't you just change the boot.ini file so that when its supposed to boot Safe Mode it boots normally?

jag291

Thread: Question from a newb about XP flaw?

Thread Tools

Display

Question from a newb about XP flaw?

Posting Permissions