Re: Scheduling NTBackup to mapped drive

  • From: Danny <nocmonkey@xxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Fri, 6 Aug 2004 16:01:14 -0400

On Fri, 6 Aug 2004 12:22:42 -0700 (PDT), Jared Johnson
<jaredsjazz@xxxxxxxxx> wrote:
> Mark, even for you, the great Exchange guy, I cannot
> do your research for you. Someone with your Exchange
> skill level really should know better.

Another outstanding contribution to Exchange community you have
provided, Jared.
> Old habits die hard. I know many of you are only angry
> because for so long you have been doing it the wrong
> way and it's tough to face up to that. Believe me, I
> understand.

I'll be sure to call you when my systems were hacked because I logged
out of my servers, insteading of leaving them logged in with the
screen locked.

> Think about it: WHY would you give a hacker more
> opportunities to log in to various known accounts,

Exactly; by leaving an account LOGGED in, you provide a wealth of
information to a "hacker". In fact, all I need to do is run a: nbtstat
-a servername
...and I will see which account is logged in.  

Jared, try running an nbtstat -a when no one is logged into the
server. Guess what, no account shows up, and the hacker has one less
peice of vital information.

> i.e., GUEST (because of these newbies don't disable
> that account),

The Guest account is disabled by default (Windows 2000 and newer).
Sorry, who's the newbie again?

> the Administrator (because newbies don't rename the account),

Sure it's a layer of protection, but you can pretty easily look up the
SID (ends in 500) of the Admin account to display whatever you renamed
it to.

The name of the account is displayed on the locked screen, so I am not
sure how this helps your obsession with leaving an admin account
logged in and locking it, versus logging off.


Other related posts: