Re: File Sharing and Broadband
From: Davy (david_at_REMOVETHISchobham.org.uk)
Date: Sat, 5 Nov 2005 09:07:41 -0000
Thanks Steve, that is helpful. Although I am still not clear about the
difference between folder, security and share permissions. My Windows 2000
installation has two tabs for a folder property - they are 'share' and
'security'. The 'share' tab seems to offer folder permissions (very
confusing) and it has a further 'permissions' button; whilst the 'security'
tab seems to duplicate the 'share permissions' button function. Am I
understanding this correctly?
> NTFS folder permissions apply to any users that logs on locally or via a
> share. Share permissions apply only to network users accessing the share
> for such a user the most restrictive of the two settings will apply.
> permission of change allows a user to access the share and write and
> on that share. If you do not need that then set the share permissions to
> read which allows the network user to only read/list/execute.
> Everyone in your situation would mean anyone that can authenticate to the
> computer unless the guest account is enabled which could then potentially
> allow everyone and anyone access to that folder. I usually change everyone
> to authenticated users. That way if the guest account is enabled somehow
> that folder is still protected from anonymous access. Firewalls are an
> important part of network security but be sure to have a strategy for
> malware prevention, detection, and removal and for keeping current with
> critical security updates at Windows Updates. --- Steve
> --- Protect Your PC tips from MS.
> "Davy" <david@REMOVETHISchobham.org.uk> wrote in message
> > Recently I have made some major changes to my PC which make me think
> > I
> > need to review my file sharing policy.
> > I have moved from dial-up internet to broadband and installed a 3Com
> > router
> > firewall.
> > The home network has 3 PCs which have file sharing enabled on all drives
> > The Share Permissions tab allows 'Network' change/read permissions. The
> > 'Security' tab allows 'Everyone' full control. (MS Office gives
> > if I don't allow full access). This sounds a bit risky but as I
> > it 'everyone' means anyone who logs on with the correct username and
> > password. However, I must admit to being confused between the W2k
> > 'Shares' properties 'Share Permissions' and 'Security'.
> > Since the NAT on the router makes the PCs invisible to the outside world
> > and
> > the file shares are protected by password access then it seems safe.
> > My installation is:
> > W2000
> > Office 2000
> > Outpost PFW
> > The PCs are not logged on with admin privileges except when doing
> > updates.
> > The router provides IP addresses to the PCs
> > Any thoughts?
> > Davy