| VID |
27002 |
| Severity |
20 |
| Port |
139 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
An account exists that has never logged on.
Account management is important in preventing unauthorized access to your system. Unused accounts are very helpful to a remote attacker, who can use one to log on to the system and access sensitive information and system resources with that account's privileges. If the account was not created recently, consider deleting or disabling the account.
* References: http://www.iss.net/security_center/static/1314.php |
| Recommendation |
If the account is not legitimate or is unused, remove the account by disabling or deleting it.
To disable the account:
In Windows NT:
1. Open User Manager.
2. Select the user from the list.
3. Select Properties from the User menu.
4. Check the "Account Disabled" check box.
For a Windows 2000 domain:
1. Start Active Directory Users and Computers Management Console (dsa.msc).
2. Look for the user of interest in the domain.
3. Select the 'Properties' menu for the user.
4. Select the 'Account' Tab.
5. Check the "Account is disabled" check box.
For stand-alone Windows 2000 machines:
1. On the computer of interest, start Local Users and Groups Management Console (lusrmgr.msc).
2. Open the User folder and select the User.
3. Select the 'Properties' menu for the user.
4. Select the 'General' Tab.
5. Check the "Account is disabled" check box.
For Windows XP, 2003, Vista, 7, 2008, 8, 2012, 10, 2016, 2019:
1. From the Start menu, select Run and then execute lusrmgr.msc.
2. Open [Local Users and Groups] -> [Users] folder and select the User.
3. Select the 'Properties' menu for the user.
4. Select the 'General' Tab.
5. Check the "Account is disabled" check box.
To delete (permanently remove) a user account:
In Windows NT:
1. Open User Manager.
2. Select the user account.
3. Select "Delete".
For a Windows 2000 domain:
1. Start Active Directory Users and Computers Management Console (dsa.msc).
2. Look for the user of interest in the domain.
3. Select the user and right-click the user entry.
4. Select "Delete".
For stand-alone Windows 2000 machines:
1. On the computer of interest, start Local Users and Groups Management Console (lusrmgr.msc).
2. Open the User folder and select the User.
3. Right-click the user entry.
4. Select "Delete".
For Windows XP, 2003, Vista, 7, 2008, 8, 2012, 10, 2016, 2019:
1. From the Start menu, select Run and then execute lusrmgr.msc.
2. Open [Local Users and Groups] -> [Users] folder and select the User.
3. Right-click the user entry.
4. Select "Delete". |
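On hosts that ship the LocalAccounts cmdlets (Windows PowerShell 5.1), the check and the disable step above can be scripted. The following is an added example, not part of the original advisory; the `$GraceDays` parameter and the use of `PasswordLastSet` as a stand-in for account age are assumptions, since `Get-LocalUser` does not report a creation date.

```powershell
# Added example (not from the original advisory): find enabled local accounts
# that have never logged on and optionally disable them.
# Requires the Microsoft.PowerShell.LocalAccounts module and an elevated prompt.
[CmdletBinding(SupportsShouldProcess)]
param(
    # Assumption: an account whose password was set within this many days
    # is treated as "created recently" and left alone.
    [int]$GraceDays = 30,

    # Without -Disable the script only reports.
    [switch]$Disable
)

$cutoff = (Get-Date).AddDays(-$GraceDays)

# LastLogon is $null for an account that has never logged on.
# Accounts that are already disabled (for example the built-in Guest) are skipped.
$neverUsed = @(Get-LocalUser | Where-Object {
    $_.Enabled -and
    $null -eq $_.LastLogon -and
    ($null -eq $_.PasswordLastSet -or $_.PasswordLastSet -lt $cutoff)
})

if ($neverUsed.Count -eq 0) {
    Write-Verbose 'No enabled local account without a logon was found.'
    return
}

# Emit the findings as objects so they can be exported or reviewed.
$neverUsed | Select-Object Name, SID, Enabled, LastLogon, PasswordLastSet, Description

if ($Disable) {
    foreach ($user in $neverUsed) {
        # ShouldProcess makes -WhatIf and -Confirm work for the disable step.
        if ($PSCmdlet.ShouldProcess($user.Name, 'Disable local account')) {
            Disable-LocalUser -SID $user.SID
        }
    }
}
```

Run it with `-Disable -WhatIf` first to see which accounts would be disabled, and confirm with the account owner that each one is unused before removing `-WhatIf`.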