Repair directory readable

Risk Level: Medium

Check or Attack Name: repair insecure

Platforms: Windows NT

Description:

By default, the %systemroot%\repair directory is readable by everyone. It is possible to extract usernames and potentially the hashes of the passwords from the sam._ file. Set the permissions on this directory to full control for administrators and system and remove permissions for everyone.

Remedy:

Restrict access to the %systemroot%\repair directory to administrators only.

To restrict access from the Windows NT desktop, follow these steps:

  1. From Windows Explorer, right-click the selected directory and select Properties to display the Properties dialog box.
  2. Under the Security tab, click Permissions.
  3. Configure Administrators with Full Control and everyone else with No Access.

—OR—

Open the command line and restrict access:

  1. From the Windows NT Start menu, select Run.
  2. Type cmd, then click OK. This opens the command line.
  3. Type: cacls c:\winnt\repair /g administrators:F
  4. Type exit to return to the Windows NT desktop.
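
The command-line remedy above as a batch file, added here as an example and not part of the original advisory: it checks whether Everyone appears in the ACL of the repair directory or of the files in it, replaces the ACLs, and checks again. It follows the Description in granting Full Control to both administrators and system, and it goes one step further by resetting the files already in the directory, because cacls without /t changes only the directory's own ACL. The REPAIR and FIXED variable names and the English account name Everyone are assumptions.

```batch
@echo off
rem Added example, not part of the original advisory.
rem Assumes cacls.exe and find.exe are on the PATH, the volume is NTFS,
rem and the well-known group is displayed under its English name "Everyone".
set REPAIR=%systemroot%\repair
set FIXED=

:check
rem find sets errorlevel 0 when "Everyone" appears in the ACL listing.
cacls "%REPAIR%" | find /i "Everyone" >nul
if not errorlevel 1 goto found
rem Files such as sam._ carry their own ACLs, so list those as well.
cacls "%REPAIR%\*.*" | find /i "Everyone" >nul
if not errorlevel 1 goto found
echo OK: Everyone has no entry on %REPAIR% or the files in it.
goto end

:found
rem Only attempt the fix once; a second hit means it did not take effect.
if "%FIXED%"=="1" goto failed
set FIXED=1
echo Everyone has access to %REPAIR%; replacing the ACLs...
rem Without /e, /g replaces the whole ACL instead of editing it.
rem cacls asks "Are you sure (Y/N)?", so "y" is piped in as the answer.
echo y| cacls "%REPAIR%" /g administrators:F system:F
echo y| cacls "%REPAIR%\*.*" /g administrators:F system:F
goto check

:failed
echo WARNING: Everyone still has an entry. Review the ACLs by hand:
cacls "%REPAIR%"
cacls "%REPAIR%\*.*"

:end
```

Run it from an account in the Administrators group; files written to the directory afterwards take their permissions from the directory's new ACL.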