Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Audit access rights on shared folders

From: giopas <linux () giopas eu>
Date: Fri, 19 Feb 2010 14:25:46 +0100
Hi list,

in a typical Active Directory (Windows server 2003) corporate
environment, I would like to test access rights of all AD users on
those folders that are used for work.

The aim is to insure that confidential folders (like HR documents,
confidential agreements, Top Management folders...) are properly
restricted only to authorized people.

I found that Dumpsec 2.8.2 (the old and portable version) is quite
useful for this aim, even if in case of shortcut sometimes it goes in
loop.
However the problem is that the result is too difficult and long to be analysed,
because you have to manually go through all the directory tree in
order to see who has access right to a specific folder.

Look at the example below:


Path (exception dirs and files)         Account         Own             Dir     File
\\SRV\D$\Clients\Letters\*.*client\     guest1          dx001f01ff
\\SRV\D$\Clients\Letters\*.*client\     Administrators  all
\\SRV\D$\Clients\Letters\*.*client\     JPWQThomas      o               all

\\SRV\D$\Clients\Letters\*.*client\     SYSTEM          all
\\SRV\D$\Clients\Letters\*.*client\     EMasreten       all
\\SRV\D$\Clients\Letters\*.*client\     Users           RWXD            RWXD


How can I do it in a more effective way? Is there a tool (or a windows
script) that can help me performing this test?

Moreover, since I am not a SYS ADMIN of servers I have to audit, I
would like to have something that does not require to be installed
(i.e. portable applications or relying on DOS/NET commands).

Thank you for your help!

giopas

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: