Brian Ryans
April 20th 03, 12:08 AM
What is a SAM file?
"Roger Abell [MVP]" > wrote in message
...
Not certain how preventing removable media will make
any difference since they could just email or ftp the
SAM file out to somewhere.
If you have an allowed user that you cannot trust there
really is little that you can do and still allow them to
have a generally useful account. Perhaps the best thing
to is make sure that the passwords are very strong and
long. That means no words, a mixture of upper/lower
letters, special characters, and numerals and long (definitely
more the 8 characters). Remember passwords can be
longer than you would want to have to type in.
--
Roger
"Brian" > wrote in message
...
> Okay, well Roger, I've checked my system for trojans. One of the people
> with a normal account is managing somehow to use some sort of password
> cracker I believe. What settings can I use to forbid certain users from
> using removable media?
>
> "Roger Abell [MVP]" > wrote in message
> ...
> They already are sealed out (assuming your machine
> has not already been trojaned). The only way to access
> XP with a local login is with an account, and over the
> network with an account or via a friendly app bound
> to a port.
> So, you should change the passwords of all accounts,
> including the Administrator account used in Safe mode.
> Also, try running (at a cmd prompt)
> net user
> just to make sure you did not miss some accounts.
>
> --
> Roger
>
> "Brian" > wrote in message
> ...
> > Friday, a person obtained access to my Windows XP Pro
> > machine, even though he didn't have an account. How do I
> > prevent someone from bypassing the password systems? I
> > have 8 accounts on this machine, access levels as follows:
> >
> > 3 Administrators
> > 2 Power Users
> > 2 Users
> > 1 Guest
> >
> > What I'm wanting is to be able to seal people that don't
> > have accounts completely out of the machine.
>
>
"Roger Abell [MVP]" > wrote in message
...
Not certain how preventing removable media will make
any difference since they could just email or ftp the
SAM file out to somewhere.
If you have an allowed user that you cannot trust there
really is little that you can do and still allow them to
have a generally useful account. Perhaps the best thing
to is make sure that the passwords are very strong and
long. That means no words, a mixture of upper/lower
letters, special characters, and numerals and long (definitely
more the 8 characters). Remember passwords can be
longer than you would want to have to type in.
--
Roger
"Brian" > wrote in message
...
> Okay, well Roger, I've checked my system for trojans. One of the people
> with a normal account is managing somehow to use some sort of password
> cracker I believe. What settings can I use to forbid certain users from
> using removable media?
>
> "Roger Abell [MVP]" > wrote in message
> ...
> They already are sealed out (assuming your machine
> has not already been trojaned). The only way to access
> XP with a local login is with an account, and over the
> network with an account or via a friendly app bound
> to a port.
> So, you should change the passwords of all accounts,
> including the Administrator account used in Safe mode.
> Also, try running (at a cmd prompt)
> net user
> just to make sure you did not miss some accounts.
>
> --
> Roger
>
> "Brian" > wrote in message
> ...
> > Friday, a person obtained access to my Windows XP Pro
> > machine, even though he didn't have an account. How do I
> > prevent someone from bypassing the password systems? I
> > have 8 accounts on this machine, access levels as follows:
> >
> > 3 Administrators
> > 2 Power Users
> > 2 Users
> > 1 Guest
> >
> > What I'm wanting is to be able to seal people that don't
> > have accounts completely out of the machine.
>
>