Sign in with
Sign up | Sign in
Your question

anonymous access to win2000 machine

Last response: in Windows 2000/NT
Share
Anonymous
a b 8 Security
June 23, 2004 8:59:34 PM

Archived from groups: microsoft.public.win2000.security (More info?)

hi, i have a computer with myself as the only user able to log on locally,
and 3 guest accounts (local logon denied)...for LAN users to access my
shares...

being a bit security paranoid :-) i have taken almost every step to secure
my computer, however i still find that they can, using computer management,
connect to my computer, use their guest accounts username and password and
then be able to view my local user accounts

i also have through the registry disabled the default shares
(C:\,D:\ADMIN,etc.) ,the default guest account is renamed, passworded and
disabled and every stringent security option in the local security policy is
enabled. i know, i know, your probably thinking who cares they can see ur
user accounts, however I want my computer COMPLETELY protected from any kind
of access remotely over the network...


can anyone help me here to make my machine completely secure?

thanks in advance
Anonymous
a b 8 Security
June 23, 2004 8:59:35 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Hello,

Please visit the following website:

http://www.microsoft.com/security/protect/

How to strengthen the security settings for the Local Machine zone in
Internet Explorer
http://support.microsoft.com/default.aspx?scid=kb;en-us;833633

5-Minute Security Advisor - Protecting Your Computer Against Compromise
http://www.microsoft.com/technet/community/columns/5min...

Securing Windows 2000 Professional in a Peer-to-Peer Networking Environment
http://www.microsoft.com/smallbusiness/gtm/securityguid...
2000pro_p2p.mspx

Thank You.

Diana

This posting is provided "AS IS" with no warranties, and confers no rights.
Anonymous
a b 8 Security
June 23, 2004 8:59:35 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Since you offer shares to users you need to have file and print sharing
enabled obviously. There are a couple things you can try.

-- First try disabling the remote registry service.
-- If you are administrator of the other computers and they are not you can
use Local Group Policy via gpedit.msc to disable their ability to use mmc
snapins such as Computer Management. --- Steve


"Newsreader" <news@news.com> wrote in message
news:o knrjBQWEHA.1128@TK2MSFTNGP10.phx.gbl...
> hi, i have a computer with myself as the only user able to log on locally,
> and 3 guest accounts (local logon denied)...for LAN users to access my
> shares...
>
> being a bit security paranoid :-) i have taken almost every step to secure
> my computer, however i still find that they can, using computer
management,
> connect to my computer, use their guest accounts username and password and
> then be able to view my local user accounts
>
> i also have through the registry disabled the default shares
> (C:\,D:\ADMIN,etc.) ,the default guest account is renamed, passworded and
> disabled and every stringent security option in the local security policy
is
> enabled. i know, i know, your probably thinking who cares they can see ur
> user accounts, however I want my computer COMPLETELY protected from any
kind
> of access remotely over the network...
>
>
> can anyone help me here to make my machine completely secure?
>
> thanks in advance
>
>
!