Check or Attack Name: defpop

An accessible default account was detected through POP3. Default accounts through POP3 allow attackers easy access to remote systems.

Disable the POP3 account or change the password to something difficult to guess.

Unix: Disable login access to this Unix account if it is not needed.

To remove login access for a Unix account, follow these steps:

1. Edit the /etc/passwd file.
2. Locate the account.
3. Place an * (asterisk) in the password field.
4. Place the string /bin/false in the shell field. An example of the /etc/passwd entry for a disabled guest account should resemble the following: guest:*:2311:50:Guest User:/home/guest:/bin/false
5. Save and exit the file.

Windows: Change the password on this account to something difficult to guess, or disable login access to this Windows account.

To change a password on a Windows account, follow these steps:

1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
2. Double-click the account to display the User Properties dialog box.
3. In the Password field, type the new password.
4. In the Confirm Password field, confirm the new password.
5. Click OK.

To disable login access to a Windows account, follow these steps:

1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
2. Double-click the account to display the User Properties dialog box.
3. To disable the account, select the Account Disabled check box.
4. Click OK.