Security Basics mailing list archives
RE: Windows Share Problem
From: "Beauford, Jason" <jbeauford () EightInOnePet com>
Date: Fri, 6 May 2005 13:35:25 -0400
An admin of a W2K box can take ownership of any folder/share and then grant themselves the permissions they need to access it. So the below mentioned suggestion is easily circumvented. If you have a share that you want to hide, use "$" sign after the share name to create a "hidden" share. Of course this will hide the share from your end users, however if you map the drive for them AND they have the proper permissions, they can use it. Now of course if the admins go poking around in EXPLORER, they'll eventually find the folder with the little share icon on it. So they can still access the share if they can find it. If they want a more direct root, they can open the compmgt.msc (Computer Management Snap-in) and just view any and all shares right there, this includes hidden. In short, if you bury the shared folder deep in the file system and give it a name like "SHARE$" w/o quotes then you can hide it from someone not looking for a share. But if they really want to know what is being shared, an Admin can EASILY find it. -jmb -----Original Message----- From: dallas jordan [mailto:dallas.jordan () gmail com] Sent: Friday, May 06, 2005 10:48 AM To: indianz () indianz ch Cc: security-basics () securityfocus com Subject: Re: Windows Share Problem Create the folder and then go to the properties of the folder and share it. Then go to the tab that says Security and add the users that need access to it and give them the needed permissions. Dont add the admin as a user or give them any permissions. does that make any sense? On 5/6/05, indianz () indianz ch <indianz () indianz ch> wrote:
Hi List Is it possible, in a win2K-Environment (nt4-compatibility-mode is on) without active-directory or domain, to grant users a network share on the server which an admin (external it-company with remote access) cannot see or has access to? Thanx in advance. kind regards, IndianZ
-- Dallas Jordan CCNA, CISSP Ernst & Young LLP Security & Technology Solutions (STS) E-mail: Dallas.Jordan () ey com
Current thread:
- Windows Share Problem indianz (May 06)
- Re: Windows Share Problem dallas jordan (May 06)
- Re: Windows Share Problem NSC (May 09)
- RE: Windows Share Problem Marco Araujo (May 09)
- Re: Windows Share Problem Rick Loran - SERVER4YOU, Inc. (May 09)
- <Possible follow-ups>
- RE: Windows Share Problem Matt Gibson (May 09)
- Re: Windows Share Problem indianz (May 09)
- RE: Windows Share Problem Beauford, Jason (May 09)
- RE: Windows Share Problem Jason Balicki (May 09)
- Re: Windows Share Problem dallas jordan (May 06)