Beware the Guest
It is often true that the simple things are the things that will mess up the best laid plans for security. This has been demonstrated time and again throughout history, as someone forgot, for example, to lock a safe containing sensitive information, or failed to investigate some small anomaly that should have been investigated. This tip, excerpted from Windows 2000 Security, by Roberta Bragg, published by New Riders, discusses one of these seemingly minor things that could turn out to be very major indeed.
Beware and be aware; the Guest account is a member of the system group Everyone. This means that any default privileges and accessand any access you assign to the group Everyoneare also available to the Guest account and any other account you assign membership in the Domain Guests group. Although the Guest account is disabled by default, you should carefully restrict the group Everyone and restrict the Guest account. To increase security, assign a strong password, deny login hours 7x24, deny remote access, and if you have to keep the NetBIOS protocol, restrict the Guest account logon to a nonexistent workstation.
Related book Windows 2000 Security
Author : Roberta Bragg
Publisher : New Riders
ISBN/CODE : 0735709912
Cover Type : Soft Cover
Pages : 500
Published : Oct. 2000
Windows 2000 Security is the only source you need to create and implement security strategies for Windows 2000 systems and networks. With detailed information on security issues, you?ll have the knowledge, tools, standards and guidance you need to secure your OS, LAN, Server, remote access and Web connections. After reading this book, you will come away with the "how," "why" and "when" of Windows 2000 security features, and know how to take advantage of them.