Penetration Testing mailing list archives
Re: Default shares & SMS Server
From: <Steve.Cummings () barclayscapital com>
Date: Tue, 25 Oct 2005 17:45:14 +0100
Pretty sure it is the rpc and the admin that are required -----Original Message----- From: Goran Sevic <goranlegion () ftml net> To: pen-test () securityfocus com <pen-test () securityfocus com> Sent: Tue Oct 25 07:55:29 2005 Subject: Default shares & SMS Server Hi, While performing audit of an organisation, we found all the default shares including (C$ & D$) been enabled on the user's workstations. When asked the tech team, mentioned that these shares are needed for the functioning of Microsoft SMS servers. Is anyone aware of the requirement of these shares on the workstations? My feeling is that the ADMIN$ share on the workstations is enough for the operation of SMS functions. warm regs, GOrAn -- Goran Sevic goranlegion () ftml net -- http://www.fastmail.fm - Email service worth paying for. Try it for free ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ------------------------------------------------------------------------------- ------------------------------------------------------------------------ For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. ------------------------------------------------------------------------ ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Default shares & SMS Server Goran Sevic (Oct 25)
- Re: Default shares & SMS Server Chris Buechler (Oct 25)
- Re: Default shares & SMS Server Alexander Klimov (Oct 26)
- <Possible follow-ups>
- Re: Default shares & SMS Server Steve.Cummings (Oct 25)