mabe I'm not getting whats going on here are you talking about a text message coming up on your desktop.If so just go into services and disable Messenger and it will stop.
Yikes. Another text file on my password-protected administrator desktop. No backdoors installed
Originally posted by: SocrPlyr
or you could just truely disable the guest account...
it is really really simple, all you have to do is go into the administrative tools and do it from there... not the flamingly inadequate Users in the control panel...
(found this out at school when i wanted to password protect my windows shares...)
Josh
If you keep your system updated, you are really quite secure. All the major viruses in recent history have ravaged servers running IIS MANY YEARS AFTER the vulnerability had been fixed. Administrators (of all people!) NEED to keep their software up to date. Normal users should have a firewall because they tend to install shady spyware from all those damn pop-up install prompts.
Users who know better have NOTHING to worry about:
I thought I had finally been hacked by someone using a new and unknown vulnerability, it turned out to be a friend logged in locally (and playing a joke). I have still NEVER BEEN SUCCESSFULLY HACKED to date.
if you go into computer management after "disabling" the guest account from the Users area in the control panel, you will find that all that did was remove guest from being able to log onto the computer locally (removed its name from the list), however to keep the user from being able to get at windows shares including printers, you have to go into computer management and you will see that the account wasn't disabled, just delisted from the logon screen (assuming you are using the Welcome Screen, which i don't suggest)Originally posted by: prosaic
Originally posted by: SocrPlyr
or you could just truely disable the guest account...
it is really really simple, all you have to do is go into the administrative tools and do it from there... not the flamingly inadequate Users in the control panel...
(found this out at school when i wanted to password protect my windows shares...)
Josh
I'm not sure just what you mean when you refer to truly disablign the Guest account from within Administrative Tools. If you are talking about the security policy for preventing remote login, I agree that this is the way to go if you wish to disable Simple File Sharing in WinXP Pro and use the system on a domain, though I'm a little leary of the warnings Microsoft has issued about going farther than that to kill off the account. Microsoft states specifically that disabling the account, in that sense, is not a good idea.
The regular applet in the Control Panel is designed to be used in conjunction with the networking wizard when establishing home LANs. If it is used that way, then the user will be given pretty stern warnings if he is leaving an unprotected interface open to the Web. Eh, it isn't perfect, but it's pretty darned hard to build an OS this capable and not trip up regular end users. I guess Microsoft expected folks to just go by the numbers, regardless of whether or not that was a reasonable expectation. In this case, maybe the people who were most likely to get into trouble were the more knowledgeable ones who were proceeding on the basis of things they had learned while using previous versions of Windows?
- prosaic
Originally posted by: CZroe
I knew he'd get one of these. Firewalls are not for everyone! Firewalls protect PCs by interfering with alot more than just hackers. Pretty much any Internet application can run into trouble. Connection issues with P2P networks, Remote Desktop (Which is what he 's using), games, you name it. It's alot more trouble than it's worth for a PC that's going to be used for SOMETHING ELSE than troubleshooting network issues and connection problems. Just think about how many times you've just had to give up on something just because you didn't want to screw around with the router or find & open up ports and port ranges.
DMZ is supposed to fix that, but in a multiple PC gaming household like ours, it adds even more problems. What about when all of us want to play ZSNES over ZBATTLE.net but the command line front-end matchmaking application is not smart enough to use anything but the IP address connected to the ZBATTLE server? Because all PCs are connected from behind the same router, the front-end application passes the same IP address to the command line and ZSNES unsuccessfully tries to connect to itself. To make matters worse, some ISPs FORCE their customers behind NAT and firewalls. As a result, I can't play my friend from the other side of town without manually changing (forcing) the horrible-performing UDP option, something THOUSANDS of ZSNES players never figured out and even then doesn't help in some cases.
If the PC is intended to be visible and accessible to the Internet as a server, then what good does it do to "hide" behind a firewall? If the necessary ports are open, it will be "found" anyway, especially if it's running something like a webserver. Blocking/closing the unused ports may prevent certain exploits (Like my brother's case above) but if the PC is fully updated and doesn't contain anything you don't mind loosing (He restores an image every week) it's not worth the trouble as it will certainly cause more headaches. Besides, how else might we have discovered the exploit to know it needs fixin' Any intrusion changes, backdoors, DoS zombie applications etc will be wiped over with the HDD image.
He's not worried about what a hacker may do to him, but worried that it apparantly hasn't been detected/fixed by Microsoft.
Oops, you asked what the setup was like
Cable ISP with unlimited (?!) IP address assignments (Assigns randomly to differnt subnets. Bleh)
Linksys Wireless-G Router w/ DHCP disabled (Just using it as an access point / hub)
Cable modem and PCs all connected to auto-crossover local port (Instead of Cable-to-WAN port. This lets my ISP assign IPs)
Wireless-G card for the laptop, 3com & Intel NICs for the desktops + 802.11b PCI cards (we move them around alot)
No software firewalls except on the fileserver, all other unprotected gaming PCs
All password protected renamed Administrator accounts with no network shares.
Restricted Guest account recently enabled with no password on hacked PC to keep guests from requesting the password