Jump to content

[Question] - File Sharing Security Issue?


Aegis

Recommended Posts


by default so called "administrative shares" are enabled, they are good in a corporate environment (imho), but useless for home users ...

all administrative shares have a $ in their name ... c$ , d$, e$ and so on ...

Link to comment
Share on other sites

Aegis

No.

Testing TCP/IP Configuration and Connections

Perform the following tasks to test TCP/IP configuration and connections:

1. Use the ping command with the loopback address (ping 127.0.0.1) to verify

that TCP/IP is correctly installed and bound to your network adapter.

If you do not receive a reply, the transceiver on your network card is not

operating correctly and may need to be reconfigured to use the proper

connection type, or in older cards, may need to be configured to use

different IRQ (Interrupt Request) resources.

2. Use the ping command with the IP address of the local computer to verify

that the computer was added to the network correctly and does not have a

duplicate IP address. If configured correctly, the ping command simply

forwards the packet to the loopback address of 127.0.0.1.

.....

from Microsoft Official Curriculam

Link to comment
Share on other sites

I've read that the default shares are and aren't a security risk... in my network i've never been able to access another computers default shares...

but just as a precaution i disable them in my regtweaks file of my unattended xpcd...

more info: http://labmice.techtarget.com/articles/securingwin2000.htm

theres no anchor points in the page, so you gotta search for "Disable the default shares"

hope this helps

Link to comment
Share on other sites

You can access your admin shares via the loopback adapter, as long as you have the rights to view the drives and shares they point to. Since you most likely have at least read access to the C: drive (or you'd find it hard to boot Windows :)), you will be able to access that administrative share (C$) via the loopback adapter. This is normal behavior.

If you can access your administrative shares from a REMOTE machine via the machine's name or IP address (without entering proper authentication information), then that would be an issue.

Link to comment
Share on other sites

You can access your admin shares via the loopback adapter, as long as you have the rights to view the drives and shares they point to. Since you most likely have at least read access to the C: drive (or you'd find it hard to boot Windows :)), you will be able to access that administrative share (C$) via the loopback adapter. This is normal behavior.

If you can access your administrative shares from a REMOTE machine via the machine's name or IP address (without entering proper authentication information), then that would be an issue.

The behavior of the admin shares (c$) is that unless the computer is on a domain, and the remote user trying to access the share is a domain admin, you should have to provide authentication, wether it be from a domain or local account which has admin privledges. I assume that the account you are logged into your computer with is one with local administrative privleges, so you can access the share, either with the loopback address or your current IP--unless you meet the conditions stated above though, you SHOULD not be able to access them remotely. While I do not know of any other way to access the admin shares, you may want to disable it anyway via the registry, since it has been my experience that there is almost always some kind of way to exploit security concerns like this one, but probably not a big deal unless you are highly concerned with security and feel that you may be a target for this type of network thievery(?).

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...