Best security practice with Systems created accounts
Posted on 2014-01-08
In the system scan by security officer, they've found a few AD
& local accounts : my colleagues renamed the Window guest
accounts to these accounts & disabled them.
In UNIX/Linux, we have lp, adm accounts etc which my
colleagues disabled them.
Security officer recommends that these accounts be deleted
instead of just being disabled. What's the best practice?
Delete or just leave them disabled?
What are the impacts/implications of removing system
created accounts? Can go thru the impact of removing for
each account (I only know about 'guest' in Windows but I
see ASPNET account as well; for UNIX, there's uucp,
adm, bin, daemon, ftp, nuucp, lp, tftp)
Do people generally rename the Windows local administrator
as a good security practice? What about renaming UNIX root?