Admin Tip #7: Anonymous User Connections



The Red Button access hack uses Anonymous User Connections, also called Null User Connections, to discover which account is the NT administrative account and what the network shares are. Disable this by preventing anonymous connections to domains, which blocks a significant informational exposure. Caution: this can have severe consequences for SQL Server access and for creating/maintaining domain trusts. Registry hack:

Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Control\Lsa
Name: RestrictAnonymous
Type: REG_DWORD
Value: 1
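
An audit-then-apply sketch for the setting above, added here as an example and not part of the original tip. It assumes a Windows host with PowerShell and an elevated session for the write; the function names are hypothetical.

```powershell
# Added example, not from the original tip. Function names are hypothetical.
$LsaPath   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$ValueName = 'RestrictAnonymous'

function Get-RestrictAnonymousState {
    # Reports the current value, its registry type, and whether it matches the tip (REG_DWORD 1).
    $key = Get-Item -LiteralPath $LsaPath -ErrorAction Stop
    $raw = $key.GetValue($ValueName, $null)
    if ($null -eq $raw) {
        # Value absent: the setting has never been applied on this machine.
        return [pscustomobject]@{ Present = $false; Value = $null; Kind = $null; MatchesTip = $false }
    }
    $kind = $key.GetValueKind($ValueName)
    [pscustomobject]@{
        Present    = $true
        Value      = $raw
        Kind       = $kind
        MatchesTip = ($kind -eq [Microsoft.Win32.RegistryValueKind]::DWord -and $raw -eq 1)
    }
}

function Set-RestrictAnonymous {
    # ConfirmImpact is High because the tip warns of side effects on
    # SQL Server access and domain trusts; -WhatIf previews without writing.
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param()
    $before = Get-RestrictAnonymousState
    if ($before.MatchesTip) { Write-Verbose 'Already set to REG_DWORD 1.'; return $before }
    if ($PSCmdlet.ShouldProcess("$LsaPath\$ValueName", 'Set REG_DWORD 1')) {
        # -Force creates the value or overwrites an existing one of the wrong type.
        New-ItemProperty -LiteralPath $LsaPath -Name $ValueName `
            -PropertyType DWord -Value 1 -Force | Out-Null
    }
    Get-RestrictAnonymousState
}

# Audit only (makes no changes):
Get-RestrictAnonymousState | Format-List
# Preview the change without writing:  Set-RestrictAnonymous -WhatIf
```

Run the audit on each machine first and use `-WhatIf` before applying, so the SQL Server and domain trust dependencies mentioned above can be checked ahead of the change.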

To see the level of informational exposure NT has by default, download winfo and run it against your PDC. Also check my page on Penetration Testing, Hacking and Intrusion Detection.

Related:
Q143474 - Restricting Information Available to Anonymous Logon Users
Q184018 - NDS for NT does not support restrict anonymous connections
Q168464 - Directory Replication Fails with Event ID 3216


