Penetration Testing mailing list archives
RE: Windows folder Sharing watch
From: "Wayne S. Anderson" <wfrazee () wynweb net>
Date: Tue, 12 Dec 2006 22:33:48 -0700
Out of curiosity, why not use IPSec policy or windows-firewall-centric GPOs to control the ports that are involved with Windows file sharing? You can use granular policies to restrict access on the requisite ports to specific IPs or subnets that would need to access these folders, et al. The ports required for file and printer sharing are: UDP Ports 137, 138 TCP Ports 139, 445 As far as tripwire-type solutions with real time or near real time share creation alerting, there are a few programs out there as well as a few programs to monitor existing shares. Search google, I ran across a few within a couple minutes that sound close to what you are asking for. -------------------------------------- Wayne S. Anderson "An sufficiently developed bug is indistinguisable from a feature." http://www.linkedin.com/in/wayneanderson -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Milind Nanal Sent: Tuesday, December 12, 2006 1:31 AM To: security-basics () securityfocus com Cc: pen-test () securityfocus com; focus-ms () securityfocus com Subject: Windows folder Sharing watch Dear list, I am looking out for tool ( not very costly, preferable freeware or open source) which would take a snapshot of all folder sharing information in my data center & notify me incase of any new folder being shared. Rather doing periodic check of which are the new shares & go on disabling them I want to control it or catch it when this happen. I know about lot of tool which would scan network & give sharing list. But I want to stop this at the point when some one add a new sharing. Regards, Milind Disclaimer: This e-mail may contain Privileged/Confidential information and is intended only for the individual(s) named. Please notify the sender, if you have received this e-mail by mistake and delete it from your system. Information in this message that do not relate to the official business of the company shall be understood as neither given nor endorsed by it. E-mail transmission cannot be guaranteed to be secure or error-free. The sender does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Visit us at www.kaleconsultants.com --------------------------------------------------------------------------- --------------------------------------------------------------------------- ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- RE: Windows folder Sharing watch Wayne S. Anderson (Dec 12)