Secure Windows Server 2003 Built-in Accounts

After the installation of Microsoft® Windows® Server 2003, the built-in accounts Administrator and Guest exist on the Web server. In some instances, potential attackers can exploit these well known accounts unless they are renamed or disabled.

The Administrator account can be renamed, but cannot be disabled. The Guest account can be renamed and disabled. To help prevent potential attackers from exploiting these accounts, do the following:

Rename the Administrator account.
Rename and disable the Guest account.

Requirements

Credentials: Membership in the Administrators group on the local computer.
Tools: Iis.msc.

Recommendation

As a security best practice, log on to your computer using an account that is not ...

Get Internet Information Services (IIS) 6 Resource Kit now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Internet Information Services (IIS) 6 Resource Kit by

Secure Windows Server 2003 Built-in Accounts

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly