Get your server issues fixed by our experts for a price starting at just 25 USD/Hour. Click here to register and open a ticket with us now!

Author Topic: Disable enumeration of SIDs  (Read 7025 times)

0 Members and 1 Guest are viewing this topic.


  • Guest
Disable enumeration of SIDs
« on: October 26, 2013, 05:55:56 pm »
Disable enumeration of SIDs

Even after renaming Guest and Administrator accounts, an intruder armed with the right software can still find the real account by enumerating the account SIDs (Security Identifiers) because renaming an account does not change its SID. Once an account name has been identified (an attacker is looking for an Administrator account here) a brute force attack on the password is usually the next step.
This can be avoided by not allowing the enumeration of Account SIDs.

1) Step by step Procedure for disabling enumeration of SIDs in XP pro
2) Click Start, go to Control Panel, click administrative tools, and click local security policy.
3) Click the ‘Security Options’ folder in the left pane
4) Double click ‘Network access: Do not allow anonymous enumeration of SAM accounts and shares’ on the right pane.
5) Choose ‘Enabled’ and then click ‘Apply’ and ‘OK’ to save your settings