I work at a company that severly scrutinizes my workstation on a regular basis because of my knowledge. My NT workstation is locked so that I cannot change the password (ctrl-alt-del...change password) and a message prompt comes up that says...."Notify Administrator to change this password...." Is there any way to stop the "Big Brother" intrusion without raising suspicion and change that password..... I have to turn the share off my hard drives every day...and would like to remain anonymous to their probings.... I am still very new to NT and would be considering a "newbie" i guess with this OS. I completely understand Win95, Dos, and software....so if there is any software that can help...let me know.... or registry editing...would be very interested.... Also is there any software tutorials on Windows NT that I could download that would be helpful in my new knowledge of this OS and its power and lack of power....etc.... thanks Stainless Steel Rat ok, you cant change your password because of a specific line in your user profile that prevents it... only administrators or people with the power to add-change-delete users can fix that. if you are in the local administrator's group, then you can remove the GLOBAL group administrators from it. this will make it slightly more annoying for the admins to mess with your local resources, now they will have to TAKE OWNERSHIP to change anything [ and all you have to do is check on the owner of a resource to verify that, its under the SECURITY tab of the PROPERTIES window of any file/folder/printer/volume/object/whatever/etc on an NTFS volume. ]. if you can remove the shares on the your volumes then you must have some high set of local privileges. get the new issue of 2600 and read Konceptor's article, its pretty general but informative. find a copy of GETadmin.exe. i have never run this, but supposedly it adds you to the local administrator's group [ as talked about above ]. if you run it on a domain controller, you become a GLOBAL administrator. once a global administrator, its a good idea to make a new ghost admin account and remove yourself from the group, then use the ghost account to do your dirty work [ note: AUDITING will give you away, no matter what. erase the security logs found in the event viewer. not a guarantee you will get away with anything, but it will hinder their search for who-done-what. actually, its a good idea to always wipe all the event logs, but its also a dead-fucking-give-away that someone was fucking around ]. download l0phtcrack and let that fly on the network too... never run that either, but read up on it, its at www.l0pht.com .... that'll grab some legitimate passwords for you from the old security backups or something. note: i am not an expert. i am not a hacker. this is the little knowledge i have of NT thus far. i also only thought about this for 10 minutes or so. this is for informational purposes only. i am not responsible for you lusing your job. its a good idea to befriend an admin or server operator who will help you cover your tracks, especially if Auditing is enabled. maybe i'll write something nice like Konceptor did about messing around in NT, but i'm sure most of you know a hell of alot more than i do. <> >It's at ftp://ftp.ugcs.caltech.edu/pub/jtr/getadmin/ or >ftp://ftp.ebn.net/cgi-bin/ > >mike fictitious wrote: >> >> but informative. find a copy of GETadmin.exe. i have never run this, but > >-- >Ringworm >Anti-Archangel #11 >http://newbie.darkridge.com wowie thanx a new toy for when i go to the lab on saturday. <>