How can someone access account names through the network?

[PHead2]

I briefly had a friend's firewall down while we were trying to configure some things, in that short time many users tried to hack into the computer via the internet. Not only did they try various typical account names (Administrator, admin, sqladmin, etc.) but apparently they managed to get ahold of all the actual user names on the server to try (according to the security log).

How were they able to do this, aren't the user names encrypted?

Just curious...

 

[shahsbro]

hello,

tell me first the users are hack ur Server or accounts in through network or outside users from internet?

thanks
smudasir

 

[PHead2]

Outside users from the internet...

 

[xmsre]

you're allowing null sessions, and enumeration of SAM account names. You can play with RestrictAnonymous, but read this first:

http://support.microsoft.com/default.aspx?scid=kb;en-us;246261

RestrictAnonymous=1 may be your best bet if you only want to restrict enumeration of account names. You can do it through the registry, or through a security template.

John
MOSMENMTK

 

[Seaspray0]

Are your email accounts named like the user accounts? i.e. username jsmith also has email account smith@company.com? Is your DNS secure? could a hacker use nslookup against it?