Security Basics mailing list archives

RE: About default sharing folders in Windows


From: "dave" <dave () netmedic net>
Date: Tue, 3 Jun 2003 01:16:00 -0400

Wow that is kind of harsh "hack the registry" it is a simple registry edit.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"AutoShareServer"=dword:00000000
"AutoShareWks"=dword:00000000

And as far as renaming the Built in "Guest" and "Administrator" accounts you
might be better off "disabling" them as well as renaming them. 


 
_____________________
Dave Kleiman
dave () netmedic net
www.netmedic.net

 


-----Original Message-----
From: Jimi Thompson [mailto:jimit () myrealbox com] 
Sent: Sunday, June 01, 2003 20:19
To: netsecurity.guide () about com
Cc: security-basics () securityfocus com
Subject: RE: About default sharing folders in Windows

<SNIP>

I believe there might be a way in the registry to remove the
administrative shares altogether, but whether there is or isn't you need
to make sure you have strong passwords for the administrator account and
you should assign a strong password to the Guest account even if you
keep the account disabled.
</SNIP>

I strongly suggest renaming the local Administrator and Guest account 
to something that is not easily guessed at.  In addition, you should 
probably create "dummy" accounts named "Administrator" and "Guest" 
that have no rights/no group memberships and are disabled.  Monitor 
the dummy accounts closely for log in attempts.

If your machines are going to be exposed to the Internet, you will 
have to hack the registry to remove all the default shares. 
Technet has several fine articles on this.
-- 
Thanks,

Ms. Jimi Thompson, CISSP, Rev.

"Those who are too smart to engage in politics are punished by being 
governed by those who are dumber." --Plato
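
A read-only audit of the settings discussed in this thread, added here as an example and not written by either poster. It assumes PowerShell 5.1 or later (cmdlets that postdate these 2003 messages), a non-domain-controller host, event ID 4625 for failed logons, and decoy accounts named "Administrator" and "Guest" as the quoted message suggests.

```powershell
# Added audit example, not from the thread. Read-only; run elevated for step 4.
$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

# 1. The two values from the message. An absent value means the default
#    behaviour: the shares are recreated when the Server service starts.
$params = Get-ItemProperty -Path $key
foreach ($name in 'AutoShareServer', 'AutoShareWks') {
    $value = $params.$name
    if ($null -eq $value) {
        $state = 'not set (shares are created by default)'
    } elseif ($value -eq 0) {
        $state = 'auto-creation disabled (0)'
    } else {
        $state = "auto-creation enabled ($value)"
    }
    '{0,-16} {1}' -f $name, $state
}

# 2. Administrative disk shares present right now (C$, ADMIN$, ...).
#    Win32_Share Type 2147483648 (0x80000000) marks a disk-drive admin share.
$shares = @(Get-CimInstance -ClassName Win32_Share |
    Where-Object { $_.Type -eq 2147483648 })
if ($shares.Count) {
    $shares | Select-Object Name, Path
} else {
    'No administrative disk shares present.'
}

# 3. Built-in accounts found by well-known RID (500 = Administrator,
#    501 = Guest), so a rename does not hide them from the check.
Get-LocalUser | Where-Object { $_.SID.Value -match '-50[01]$' } |
    Select-Object Name, Enabled, SID

# 4. Failed logons against the literal names, i.e. the decoy accounts.
$decoys = 'Administrator', 'Guest'
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625 } `
    -MaxEvents 500 -ErrorAction SilentlyContinue |
    ForEach-Object {
        $data = ([xml]$_.ToXml()).Event.EventData.Data
        $user = ($data | Where-Object Name -eq 'TargetUserName').'#text'
        if ($decoys -contains $user) {
            '{0:u}  failed logon for {1}' -f $_.TimeCreated, $user
        }
    }
```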



