Aegis Posted December 4, 2005 Share Posted December 4, 2005 Type in:\\127.0.0.1\C$And you should see your C: drive. Is this a security issue if my permissions are inadequate? Or is it just because I'm a local user? Link to comment Share on other sites More sharing options...
Elektrik Posted December 4, 2005 Share Posted December 4, 2005 It is your default local IP (from 127.0.0.0-255) Link to comment Share on other sites More sharing options...
vci Posted December 4, 2005 Share Posted December 4, 2005 by default so called "administrative shares" are enabled, they are good in a corporate environment (imho), but useless for home users ...all administrative shares have a $ in their name ... c$ , d$, e$ and so on ... Link to comment Share on other sites More sharing options...
Aegis Posted December 4, 2005 Author Share Posted December 4, 2005 Can others in your network access these shares? Link to comment Share on other sites More sharing options...
Elektrik Posted December 4, 2005 Share Posted December 4, 2005 AegisNo.Testing TCP/IP Configuration and ConnectionsPerform the following tasks to test TCP/IP configuration and connections:1. Use the ping command with the loopback address (ping 127.0.0.1) to verifythat TCP/IP is correctly installed and bound to your network adapter.If you do not receive a reply, the transceiver on your network card is notoperating correctly and may need to be reconfigured to use the properconnection type, or in older cards, may need to be configured to usedifferent IRQ (Interrupt Request) resources.2. Use the ping command with the IP address of the local computer to verifythat the computer was added to the network correctly and does not have aduplicate IP address. If configured correctly, the ping command simplyforwards the packet to the loopback address of 127.0.0.1......from Microsoft Official Curriculam Link to comment Share on other sites More sharing options...
Aegis Posted December 5, 2005 Author Share Posted December 5, 2005 Let's say that they replaced the loopback with my actual network address (192.168.x.x). Would it be an issue then? Link to comment Share on other sites More sharing options...
Synapse Posted December 5, 2005 Share Posted December 5, 2005 I've read that the default shares are and aren't a security risk... in my network i've never been able to access another computers default shares...but just as a precaution i disable them in my regtweaks file of my unattended xpcd...more info: http://labmice.techtarget.com/articles/securingwin2000.htmtheres no anchor points in the page, so you gotta search for "Disable the default shares"hope this helps Link to comment Share on other sites More sharing options...
cluberti Posted December 5, 2005 Share Posted December 5, 2005 You can access your admin shares via the loopback adapter, as long as you have the rights to view the drives and shares they point to. Since you most likely have at least read access to the C: drive (or you'd find it hard to boot Windows ), you will be able to access that administrative share (C$) via the loopback adapter. This is normal behavior.If you can access your administrative shares from a REMOTE machine via the machine's name or IP address (without entering proper authentication information), then that would be an issue. Link to comment Share on other sites More sharing options...
TheFlash428 Posted December 5, 2005 Share Posted December 5, 2005 You can access your admin shares via the loopback adapter, as long as you have the rights to view the drives and shares they point to. Since you most likely have at least read access to the C: drive (or you'd find it hard to boot Windows ), you will be able to access that administrative share (C$) via the loopback adapter. This is normal behavior.If you can access your administrative shares from a REMOTE machine via the machine's name or IP address (without entering proper authentication information), then that would be an issue.The behavior of the admin shares (c$) is that unless the computer is on a domain, and the remote user trying to access the share is a domain admin, you should have to provide authentication, wether it be from a domain or local account which has admin privledges. I assume that the account you are logged into your computer with is one with local administrative privleges, so you can access the share, either with the loopback address or your current IP--unless you meet the conditions stated above though, you SHOULD not be able to access them remotely. While I do not know of any other way to access the admin shares, you may want to disable it anyway via the registry, since it has been my experience that there is almost always some kind of way to exploit security concerns like this one, but probably not a big deal unless you are highly concerned with security and feel that you may be a target for this type of network thievery(?). Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now