is there a way to eliminate the sucurity risk of a backdoor admin

title says it all my brother is home and has already changed my password on my system once because he used one of several "backdoor admins" to access full computer usage rights i need to find a way to prevent this from happening again any ideas other than changing the passwords because iv already done that

also he keeps using cmd and some net user comand to change the password once he gets acess to admin any ideas?

 

Ask your brother not to interfere with the computer?

 

So, here is a curious question. How do you know how he is doing it? Are you watching him?

You make this all sound very suspicious.

If he has an admin account on your computer, it will show up under computer management.

 

Hey reddeath, you could try setting a BIOS password if your set-up supports it.


Anyhoo, assuming it's your PC and assuming the perp' (your brother) is using it to log in to sites, i would be looking to recover any login info from my computer and maybe adding him a few new friends on the Face-space, send a few emails, make a few posts etc etc. maybe even change a few passwords


Also if this brother is a little brother i would be considering gaffa taping him to the bonnet(hood) of my car and taking him for a ride! [or maybe just a good old fashioned beatdown.... WWF style!]

 

lol like the last idea but its not likly and no he never guessed the password because since a reset them back to what they were he hasnt been able to do anything new to it
and he doesnt have an admin account he apperently has been self teaching himself hacking of pc off of youtube he apperently found a way to use cmd to over write any password an account has but i dont know what the cmd he uses is all i know is it has to do with net user

 

Oh thats an easy one then...

Take a look here -> http://www.tweakxp.com/article37428.aspx

[Note the editors bit about having to do it in the registry if you want to bar just one account from CMD]




Q

 

it wasnt till after he went in it but it is fully protected with pass so ill prob when i have the time do the bios pass and cmd thing if i can

 

One thing to bear in mind though red', unless you encrypt the drive, anyone who has got physical access to a PC can get into it if they got the know how/time.


Q

 

http://aplawson.com/2009/04/22/pentest-sticky-keys-sethcexe-vulnerability-in-2003-xp-vista/


Disable sticky keys in the accessibility option in the control panel. Apparently, it is possible to replace the sticky keys file (sethc.exe) with the command prompt (cmd.exe) as it is not protected by Windows File Protection, giving anyone who uses this hack system level access at logon. This may be his backdoor. It took me only 10 minutes to find this out.