Re: Sysvol share
From: Joe K (aka@starbandNOSPAM.net)
Date: 11/17/02
- Next message: Gene Zimm: "Administrative privileges"
- Previous message: Karl Levinson [x y] mvp: "Re: Troj_Flood.c Fix"
- In reply to: Karl Levinson [x y] mvp: "Re: Sysvol share"
- Next in thread: S. Pidgorny [MVP]: "Re: Sysvol share"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Joe K" <aka@starbandNOSPAM.net> Date: Sun, 17 Nov 2002 09:13:24 -0800
Karl,
Thanks for the input. It makes a little more sense
thinking from an Active Directory point of view.
Joe
>-----Original Message-----
>I think the VPhome and VPlogon are supposed to be world
readable. You'd
>need to ask Symantec, but I think they are for rolling
out updates to remote
>users such as RAS and VPN users. They shouldn't contain
any sensitive
>information, just virus updates [although they could
possibly contain the
>config file that may contain some information about your
antivirus settings
>[think the file is named something like GRC.DAT ?]
>
>RE: the Sysvol share, see the information below from
Microsoft. For most of
>the data described below, like logon scripts and group
policy, I think
>everyone in the domain is going to need read access to
the files to make
>them useful and avoid problems. You could be right that
there may be other
>important information in there, I don't know. I'm not
sure how useful
>gaining read access to the sysvol folder really is.
>
>In either case, as long as you have secured your systems
correctly, you need
>to be an authenticated user to view those folders. If a
hacker is able to
>authenticate to your domain, arguably you've got a lot of
bigger issues to
>worry about. I don't think hackers usually target this
folder, there are
>other more useful sources of information to target. DNS,
for example, is
>more or less public information... also the local SAM
files on the
>workstations, etc.
>
>http://www.jsiinc.com/SUBL/tip5500/rh5569.htm
>
>"The System Volume (Sysvol) provides a default Active
Directory location for
>files that must be shared for common access throughout a
domain. The Sysvol
>folder on a domain controller contains the following
items:
> a.. Net Logon shares, which usually host logon scripts
and policy objects
>for non-Windows 2000-based network client computers.
> b.. User logon scripts for Windows 2000 Professional-
based clients and
>clients that are running Microsoft Windows 95, Microsoft
Windows 98, or
>Microsoft Windows NT 4.0.
> c.. Windows 2000 Group Policy.
> d.. File replication service (FRS) staging folder and
files that must be
>available and synchronized between domain controllers.
> e.. File system junctions."
>
>"Joe K" <aka@starbandNOSPAM.net> wrote in message
>news:40d401c28dcf$733b5490$89f82ecf@TK2MSFTNGXA01...
>> Question,
>> Why is the Sysvol share not hidden? The users on the
>> network can all see it from "My Network Places". Granted
>> it's read only, but I just find it a bit strange that
the
>> main system foler on the server is not a hidden share
like
>> WINNT 4.0 had done. Also, after loading Symantec
>> Corporate 8.0, the VPhome & VPlogon directories are
shared
>> out there as well. Just an observation and wondering if
>> anyone knows why these important folders are exposed to
>> the network and potentiallly a hacker. I guess my
>> perspective is "Out of sight, out of mind". All
thoughts
>> or reasoning is welcome.
>>
>> Good day.
>> Joe K.
>
>
>.
>
- Next message: Gene Zimm: "Administrative privileges"
- Previous message: Karl Levinson [x y] mvp: "Re: Troj_Flood.c Fix"
- In reply to: Karl Levinson [x y] mvp: "Re: Sysvol share"
- Next in thread: S. Pidgorny [MVP]: "Re: Sysvol share"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
