Re: File sharing, major security issue
From: Karl Levinson [x y] mvp (levinson_k@excite.com)
Date: 11/04/02
- Next message: John Sweeney: "Re: Preventing Web Scraping"
- Previous message: GibMaster: "Re: problem with client certificates"
- In reply to: Jeff Cochran: "Re: File sharing, major security issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Karl Levinson [x y] mvp" <levinson_k@excite.com> Date: Mon, 4 Nov 2002 15:10:15 -0500
<jcochran at naplesgov dot com (Jeff Cochran)> wrote in message
news:3dc8cc24.1475932@news.supernews.com...
> >I came to notice that each drive is shared using a
> >name that starts with a special character. I have seen
> >this before and figured it was just how IIS worked, but
> >if I disable it (after being alerted that the share was
> >created by an administrator) the file sharing will stop,
> >BUT regular web access continues, this doesn't help
> >me though because it will be back on the next time the
> >server re-boots. The permissions for the file sharing
> >seem to be set by IIS though, so if I disable write
> >access, you cant write via the file sharing.
>
> This is the admin share. Check the Windows Admin groups or a Google
> search, disabling the automatic admin share is a simple registry
> change.
Good point. The administrative shares would be named c$, admin$, etc. [aka
\\computername\c$, \\computername\admin$, etc.] They wouldn't normally
start with a special character, but they end with a $ dollar sign so that
these shares do not appear in a GUI browse list, the user needs to type in
the name of the share at some point to access them. Maybe this describes
your situation? If not, it could be something more sinister.
- Next message: John Sweeney: "Re: Preventing Web Scraping"
- Previous message: GibMaster: "Re: problem with client certificates"
- In reply to: Jeff Cochran: "Re: File sharing, major security issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
