RE: Basic questions about network shares

["Steve McLaughlin" <steve () Lan com au>]

1) The NTFS Permissions have the same restrictions.

2) I know that Norton Antivirus (even the standard edition of 2003) can
initiate a scan on a network drive, or even a network share. And it will
definitely pick it up if you execute it.

Although, if you have shares on YOUR computer, and the other computer has an
active worm running whilst connected to the network, I have noticed that
some virus can jump across to your computer, until Norton starts a scan
again.

However in your case, any file that is executed will be scanned
automatically. Or should be anyway, regardless of its origin. I am using
Norton and this is my experience with Norton though. But any antivirus
should scan any file that is executed automatically. Or I believe it would
be considered quite a flaw.

steve mclaughlin | enlite technologyR
 (MCSA, A+, Network+, Server+)
 

-----Original Message-----
From: Ciprian Slobodnic [mailto:slobodnic () hotmail com] 
Sent: Friday, 30 January 2004 1:35 PM
To: security-basics () securityfocus com
Subject: Basic questions about network shares

Is there any difference between a mapped network drive and an unmapped one
from a security standpoint? 
For instance, if I map \\server\share to Y: and I access the file
Y:\executable.exe is it more secure compared with
\\server\share\executable.exe?
If no, then why Microsoft on XP and Win2k3 they decided to give you a
warning "Some files can harm your computer ." when you try to execute the
file in the second way?
Will an anti-virus program be able to scan the executable the same in both
cases?


Thanks.

---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------



---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
course! All of our class sizes are guaranteed to be 10 students or less.
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
and many other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
any course!
----------------------------------------------------------------------------