لطفا منتظر باشید ...
Hack 71 Rename the Administrator and Guest Accounts
Renaming the default administrator and guestaccounts is a simple but effective step to help secure your
machines.To enhance system
security on your Windows server-based
network, you should rename the administrator account. You should
choose a name that does not identify it as an administrator account,
to make it difficult for any unauthorized user to break into the
computer or network. One of the account settings in Windows 2000/2003
allows you to enter an account name to rename the administrator and
guest accounts automatically using Local Security Policy (for
standalone machines in a workgroup) or Group Policy (in an Active
Directory environment).To access local policy settings, click Start
Run,type mmc, and press Enter. Select
File
Add/Remove Snap-in. Click the Add button,scroll through the list until you see Group Policy (in Windows 2000)
or Group Policy Object Editor (in Windows Server 2003). Click add,
then finish (the default is to manage Local Computer). Expand Local
Computer Policy, Computer Configuration, Windows Settings, Security
Settings, Local Policies, and Security Options. If you like, you can
save this console with a familiar name to have this MMC snap-in
available for future use. Once you've selected
Security Options, you should see a screen similar to Figure 8-1 (if you're running Windows
Server 2003 or Windows XP).
Figure 8-1. Policy settings for the default administrator and guest accounts in Windows Server 2003 and Windows XP
In the pane on the right, you can see that the first five options
detail policies for Accounts. The last two options in the Accounts
section are used to rename the administrator account and rename the
guest account. Clicking on "Accounts: Rename
administrator account" brings up the screen shown in
Figure 8-2. You will see a similar screen if you
select the Guest option. Simply type whatever name you want to use
and click OK. This automatically renames the administrator or guest
accounts.
Figure 8-2. Renaming the default Administrator account
Some Considerations
Note that if your machine belongs to a domain, the local policy
settings you configure using the previous method might be overwritten
by any Group Policy settings defined at the domain, organizational
unit (OU), or site level.Windows 2000 provides only the first two Accounts policy settings and
they're named differently than the settings shown in
Figure 8-2. The Windows Server 2003 setting named
"Accounts: Rename administrator
account" is simply named "Rename
administrator account" in Windows 2000, and likewise
with the Guest account policy setting. Windows XP, however, is
identical to Windows Server 2003 in this regard.Finally, as a further security precaution, after you rename the
accounts, you might want to add another administrator and guest
account (through the User Accounts option). Once you create these
accounts, give them a secure password, but give the accounts no
rights to anything. Even if the administrator and guest accounts are
compromised, the potential intruder will have no rights to do
anything to the computer.John Gormly
