We know that in the NT Technology architecture Windows system, there is a system built in the lower anonymous access account guest, we often encounter in the Win2000 and XP system set up a shared directory but others do not have access to the situation, the main reason is that the system has disabled the Guest account, Just enable the account. However, because of the existence of this account will often bring harm to the security of the system, for example: the other people secretly to activate your guest as a backdoor account to use, more hidden is directly cloned into the administrator account, based on most of the account is not necessary, so we can directly delete to improve the security of the system, Unfortunately, it is not allowed to delete the direct Guest account in the Windows system of the NT Technology architecture. So is there any way to remove it? Yes, there is a gadget called delguest that can be deleted directly under Windows NT, using the following:
C:>delguest
DelGuest v1.2-copyright 1999, Arne Vidstrom
-http://www.ntsecurity.nu/toolbox/delguest/
Wrong OS Version-delguest only runs on Windows NT 4.0!
Unfortunately, the tool is only valid for Windows NT4.0 and cannot be run on the win2000/xp/2003 system. So can we manually delete the Guest account? The answer is yes, we know that the Guest account information is stored in the SAM file and the registry, for the Sam file, the system allows us to manually modify, but after my trial as long as the deletion of the registry Guest account registration information we can achieve the purpose. The method is as follows (for example, in Windows NT and Windows 2000):
C:>regedit
Open Hkey_local_machinesamsam, we will see that there is no information, in fact, there is information is mainly our lack of authority, generally at this time we are administrator authority, In fact, the system is accessible at this time, so how do you open the account information under Sam? We first close the regedit and then execute:
C:>regedt32
Find the HKEY_LOCAL_MACHINE window, check the Samsam, and then click the Permission settings in the menu, and then we can see that the Administrators group only has special permissions, and the system account has full control, think about why? In fact, it is easy to understand that the system account is the time required to start the account, many system kernel procedures and service programs are mostly run by the permissions of the account, if the permissions are too low, I am afraid our system will not run! What we need to do now is change the Administrators permissions (be sure to remember the content in the Advanced option for later use) for full control so we can access the information under Sam. Run regedit again:
C:>regedit
At this time Hkey_local_machinesamsam there is something, step-by-step in-depth always find:
Hkey_local_machinesamsamdomainsaccountusers
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
