X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:reply-to:message-id:to:subject :in-reply-to:references:mime-version:content-type :content-transfer-encoding; q=dns; s=default; b=b2DsrRi39EBel8p3 NrFOny0o1vG3uoNsS0e1v/2aprfFL/TNDo13jZM+sFTzW1YVjZMNi+vvulKw8ba6 U0D9Fj5Byq+nOTYzCYKkcNm+jdvuYyO3AHTSchJsPVnGMggZqZCUOpK4l+EqD8HW LxTGN4uoJSbs6CnJtIs/NXTyNQ4= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:reply-to:message-id:to:subject :in-reply-to:references:mime-version:content-type :content-transfer-encoding; s=default; bh=YD3dRDntGZE66zdGIw6CaZ AzKHI=; b=ReQBQ7LjvyFJzsjBEGuSsVH4Sw9vs8sWbYpflmJy0L5Xh8hO/mzYap Ma6PzbULDMSbcqmbYxd4kHK+EiOrOTa/nUa8vkbpshUwYL+fXlb/OI7UpZ2rFzS0 pidExEHayqyGWDMLjsjizBC/SqgPoM93/C05G4jmph4DJg86wHI00= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=4.2 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,KAM_THEBAT,SPF_SOFTFAIL autolearn=no version=3.3.2 X-HELO: smtp.ht-systems.ru Date: Fri, 25 Sep 2015 11:22:19 +0300 From: Andrey Repin Reply-To: cygwin AT cygwin DOT com Message-ID: <772221980.20150925112219@yandex.ru> To: Linda Walsh , cygwin AT cygwin DOT com Subject: Re: cygwin potentially corrupting permissions? In-Reply-To: <5604B7D7.9080704@tlinx.org> References: <560366EE DOT 5020207 AT tlinx DOT org> <466149660 DOT 20150924213756 AT yandex DOT ru> <56044E61 DOT 6060202 AT tlinx DOT org> <1228432255 DOT 20150925044648 AT yandex DOT ru> <5604B7D7 DOT 9080704 AT tlinx DOT org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-IsSubscribed: yes Greetings, Linda Walsh! > Andrey Repin wrote: >> Obscurity has no relation to security. >> Oh, and these both are disabled on my systems. >> >>> If you read windows 'rules', you'd know that... (so many rules >>> to read...really hard for someone to keep up)... >> >> There's no such rules as "rename default accounts". >> It makes no sense and bears no reason. > --- > Security best practices : > See "https://technet.microsoft.com/en-us/library/cc747353%28v=ws.10%29.aspx" > and "https://technet.microsoft.com/en-us/library/jj852273.aspx" Bullshit. Both of them. You may "guess this user name and password combination" of a disabled account to your heart's content. It'll won't do square shit. The only times where you use the default administrator account is when you run domain recovery script from recovery console. And recovery console does not use the account name, neither check for status. It only ask for password. Solution: Ban default accounts and let attackers try their luck. @Greg Freemyer: An "army in the world" does not have passwords and firewalls. That's the only reason they are trying to rely on obscurity. Doesn't quite work, as attacker could just carpet bomb the target positions. -- With best regards, Andrey Repin Friday, September 25, 2015 11:14:20 Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple