Re: shared folders
From: Thore \ (MAILTOcommoner_at_carcosa.de)
Date: 11/14/04
- Previous message: Thore \: "Re: I'm an evil hacker and I steal your data !!!!"
- In reply to: Christo: "shared folders"
- Next in thread: Christo: "Re: shared folders"
- Reply: Christo: "Re: shared folders"
- Reply: Christo: "Re: shared folders"
- Reply: Christo: "Re: shared folders"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 14 Nov 2004 08:42:17 +0100
Christo wrote:
> are these security holes, specifically the Remote admin
These are builtin M$ features to help the spread of malware. ;)
Honestly:
They are called administrative shares and are meant for the administrators
of large networks to ease their work. To access them you need the machine's
admin password, so if you have a good, strong one you aren't in too much
danger. All those who think that admin passwords are for wimps, however,
are in for a nasty surprise sooner or later.
Yes they can be disabled via a certain registry key that, IIRC, you have to
create yourself (it's not there by default). Unfortunately I can't tell you
right away what this key is because I largely moved to SuSE Linux months
ago, only starting M$ for games and some very special multimedia apps.
Ah, wait, I may still have the batch file here, accessable from Linux...
(digs through his XP partition)
...there it is. On my XP pro system, the following worked:
in the registry branch
HKLM\system\currentcontrolset\services\lanmanserver\parameters
create a new DWORD key named
autosharewks
and give it the value 0.
That should disable those admin shares at next reboot at the latest, though
I'm not perfectly sure if IPC$ will be affected too - it may be too
important for the system as a whole to be switched off. But ADMIN$ and the
drive shares should be gone.
You need admin privileges for that of course, so either start your regedit
with "Run as..." or login as admin to do it. And if you haven't already
done so, PLEASE do yourself the favor and assign a strong password to the
admin account - one that can't be guessed by a dictionary attack. :)
Hope to have helped...
-- Regards Thore "Tocis" Schmechtig
- Previous message: Thore \: "Re: I'm an evil hacker and I steal your data !!!!"
- In reply to: Christo: "shared folders"
- Next in thread: Christo: "Re: shared folders"
- Reply: Christo: "Re: shared folders"
- Reply: Christo: "Re: shared folders"
- Reply: Christo: "Re: shared folders"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
