ok so my university puts on cyber defense competitions and i was just wondering if people know of some security holes that administrators accidentally put into a system that would leave that system vulnerable to attack. I would love for these to be real life errors like the admin was lazy and left a copy of the password list in an obscure directory.

That system is a windows 2003 server SP1. When it is given to them it is not a part of a domain, but many decide to make it a part of one even though their only other windows system is a windows dns. The group of people that are trying to secure up their systems are high school students, but at the same time i want the attacking team to have to work at it to break into the system. The attackers come from professionals and some graduate students.

ok i guess i should rephrase this. I'm looking for some semi common things that administrators do that are unsecure. The teams are given roughly 2-3 weeks to setup their network, and fix any holes in their security. So this would kinda be real world where someone comes into a business and the computer administrator has left. So no knowledge of how or what they did to the system, but they can't reinstall the os.

Those are great. I also looked into setting the windows installer to run as the guest account, which is disabled. To help prevent users from updating their computers as this messes with the windows update. i also installed dreampack pl on the computers, but i don't think thats gonna do a whole lot cause we don't get physical access to computers.

If you are on the same LAN link as the server I would say run Cain & Able to and do a Man In The Middle Attack on it (If some one is running RDP you can get in the middle of it). Also look to Chris gates video here for some cool stuff: http://www.ethicalhacker.net/content/view/105/24/

If you are trying to defend against RDP types of attacks I think the best thing to do as a basic step is to change the RDP port number to something different.

Another basic step would be to make a new Admin account (with a name that is not anything like Admin and set a 14+ charter password on it) and change the old Admin account to Guest permissions or disable it.

My 2 cents

Brian

Here is a link to a portion of Hacking Exposed describing null sessions.
http://books.google.com/books?id=-bkRryv377QC&pg=PA85&lpg=PA85&dq=windows+2003+null+session+default&source=web&ots=3MKuwM-N5C&sig=XBCU-Fy4AqDUJ4tpa8g1G7Latwc&hl=en&ei=DxaXSfzxAZCCNae8tfML&sa=X&oi=book_result&resnum=2&ct=result#PPA85,M1