On Thu, Jun 14, 2012 at 9:05 AM, Christopher Bodnar <[email protected]> wrote:

> Leave the built-in administrator password blank

I would argue *strongly* against this. It violates defense-in-depth. Sure, the local admin account *shouldn't* be remotely accessible (if network logon is denied), and the server should be physically secure. But sh!t happens. Maybe a repair guy is given access to a room, maybe someone leaves a door unlocked. Or maybe there's a stupid bug in some software somewhere (radical concept, I know) that allows an unexpected path to the local admin account.

Attacks often work in two stages: First achieve an unprivileged foothold on the computer, so it thinks you are a legitimate local user. Then escalate your privileges from there.

> There is no need for account lockout to be enabled

It's prolly more accurate to say that Windows has less-than-ideal countermeasures against password guessing attacks. Ideally, you want to disable the source of the attack, or the channel it's coming in on, not the account being attacked. But if you're using Windows, that's the way it works. In classic big company fashion, their "recommendation" is "you don't really need to do that", rather than saying "we'll fix this".

There's an old joke:
Q: How many Microsoft programmers does it take to change a lightbulb?
A: None. They just define darkness to be the new standard.

> I also find it odd that this is a MS recommendation.

~shrug~ Microsoft isn't the world's best source for security advice. While they doubtless have some individuals who are very strong in security, as a whole, the average score is low. (One could prolly generalize that statement to the entire human race, come to think of it.)

--
Ben
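A quick way to audit the two settings debated in this thread on a single host, added here as an example and not part of the original message. It assumes a current Windows build with the Microsoft.PowerShell.LocalAccounts module (Get-LocalUser), an English locale for the `net accounts` output, and an elevated prompt; the function name Get-LocalAdminAudit is made up for this example.

```powershell
# Added example: audit the built-in Administrator account and the lockout policy.
# Assumes Get-LocalUser is available (Windows 10 / Server 2016 and later) and that
# 'net accounts' prints English labels such as "Lockout threshold:".
function Get-LocalAdminAudit {
    # The built-in Administrator is the local account whose RID is 500, even if it
    # has been renamed, so match on the SID rather than on the name "Administrator".
    $admin = Get-LocalUser | Where-Object { $_.SID.Value -like '*-500' }

    # 'net accounts' reports the machine-wide lockout threshold; "Never" means that
    # account lockout is disabled, which is the setting the thread argues about.
    $threshold = 'unknown'
    foreach ($line in (net accounts)) {
        if ($line -match '^Lockout threshold:\s*(.+)$') { $threshold = $Matches[1].Trim() }
    }

    [pscustomobject]@{
        AdminName        = $admin.Name
        AdminEnabled     = $admin.Enabled
        # $false means the "password not required" flag is set, so a blank
        # password is permitted on this account.
        PasswordRequired = $admin.PasswordRequired
        # Null (assumption) when the password has never been set.
        PasswordLastSet  = $admin.PasswordLastSet
        LockoutThreshold = $threshold
    }
}

$audit = Get-LocalAdminAudit
$audit | Format-List

# Turn the raw values into the findings a reviewer of this thread would look for.
$findings = @()
if (-not $audit.PasswordRequired) {
    $findings += 'Built-in Administrator does not require a password (blank password permitted).'
}
if ($audit.AdminEnabled -and -not $audit.PasswordLastSet) {
    $findings += 'Built-in Administrator is enabled and its password has never been set.'
}
if ($audit.LockoutThreshold -eq 'Never') {
    $findings += 'Account lockout is disabled (lockout threshold: Never).'
}
if ($findings) { $findings | ForEach-Object { Write-Warning $_ } } else { Write-Host 'No findings.' }
```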
