They are members of the everyone group, but not the anonymous logon. The
anonymous logon is a member of the everyone group. In Windows XP and Windows
2003 there is a security option to remove anonymous logon from the everyone
group. Anonymous logon is not the same as the account used for anonymous
access to a web site which by default is IUSR_MachineName account. The link
below may be helpful on how XP/2003 can restrict anonymous access membership
of the everyone group. In Windows 2000 you can set the security option for
"additional restrictions for anonymous connections" to be no access without
explicit anonymous permissions to deny anonymous logons though that setting
can cause problems on domain controllers or servers offfering shares to
downlevel clients as explained in the second link.--- Steve
http://www.microsoft.com/technet/Security/topics/hardsys/tcg/tcgch05.mspx#XSLTsection159121120120
http://support.microsoft.com/?kbid=246261
