tag:blogger.com,1999:blog-15591336.post6093469572428187680..comments2011-09-02T16:31:43.409+01:00Comments on Ramblings of a Sysadmin: Renaming local administrator accounts - good or ba...Gary Williamshttp://www.blogger.com/profile/10034475611283036532noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-15591336.post-21189417658260376852011-04-20T13:46:05.460+01:002011-04-20T13:46:05.460+01:00This is true when you have physical access to the ...This is true when you have physical access to the target machine, or access with enough privileges to read the usernames/SAM file. If you don't and you're just trying to bruteforce the admin account without any knowledge of it, then knowing the admin account name is a starting point. If you don't know this and can't find it out, then a renamed admin account does provide a bit agentgonzonoreply@blogger.comtag:blogger.com,1999:blog-15591336.post-80276960717515402962011-04-20T13:43:27.024+01:002011-04-20T13:43:27.024+01:00Yes, but all this assumes that you have physical a...Yes, but all this assumes that you have physical access to the machine or are logged on to it and have sufficient privileges to read the SAM file. If you don't and you're just trying to brute-force the admin account over the network or logging on, then the default name "Administrator" will give them a head-start as opposed to a renamed one. It doesn't provide much security, agentgonzonoreply@blogger.com