Re: Default Hidden Shares



The really big risk is if you have only one local administrator password for
all laptops and desktops (and maybe servers) and someone finds it or is
given it for whatever reason. Even though it's the "local" administrator
account, it can be used across the network:

net use x: \\computername\c$ /user:computername\administrator

Enter the local admin password at prompt and you now have full admin access
across the network.

It's an even bigger risk if you left the local admin password blank...

Ray

"lwmccksg" <lwmccksg@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:19D85E6E-161B-4A2B-A6D8-A055D23FA745@xxxxxxxxxxxxxxxx
thanks for your info.

"Roger Abell [MVP]" wrote:

The risks from the administrative shares are minimal if normal sane
practices are in use. Those only allow access by an admin account.
There is a risk of someone attempting login via the authentication
mechanisms that protect the administrative shares, using it as a way
to try to find username/password pairs. However, if only allowed
locations with supposedly trusted people have access to the needed
ports on those IPs, perhaps people that already have accounts, there
is little, if any, added risk.
Somewhat similarly for the IPC$ share you have mentioned, which
does not require an admin account.

"lwmccksg" <lwmccksg@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:85B9C50B-ABC8-4309-A8C2-BAD5EA9F3DA6@xxxxxxxxxxxxxxxx
I noted that during Windows 2000 Server setup, these hidden shares
Admin$, C$, D$ and IPC$ are created.

Most of the best practices from books mention removing the hidden
shares.
What are the risks if these hidden shares are not removed?

Can I say that these hidden shares consist of
1) Admin$ - for administering the server, which contains Windows
system utilities.
2) C$ & D$ - may consist of applications and data.
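
The `/user:computername\administrator` form in Ray's reply leaves a recognisable trace on the target: a network logon where the account's domain is the target machine's own name. The following is an added example, not part of the original thread, that flags such logons and groups them by source host to surface one local admin password working on several machines. The record field names and sample events are constructed assumptions, not a real log schema.

```python
from collections import defaultdict

NETWORK_LOGON = 3  # Windows logon type for access over the network (e.g. to C$)

# Constructed sample records; field names are hypothetical, not a real log schema.
SAMPLE_EVENTS = [
    {"target": "PC-01", "logon_type": 3, "domain": "PC-01", "user": "Administrator", "source": "PC-77"},
    {"target": "PC-02", "logon_type": 3, "domain": "PC-02", "user": "administrator", "source": "PC-77"},
    {"target": "PC-03", "logon_type": 3, "domain": "CORP", "user": "jsmith", "source": "PC-12"},
    {"target": "PC-04", "logon_type": 2, "domain": "PC-04", "user": "Administrator", "source": "PC-04"},
    {"target": "SRV-01", "logon_type": 3, "domain": "SRV-01", "user": "Administrator", "source": "PC-77"},
    {"target": "PC-05", "logon_type": 3, "domain": "PC-05", "user": "Administrator", "source": "PC-30"},
]


def is_remote_local_admin(event, admin_names=("administrator",)):
    """True when a machine-local admin account logged on over the network."""
    target = event["target"].lower()
    return (
        event["logon_type"] == NETWORK_LOGON
        and event["domain"].lower() == target      # account lives on the target itself
        and event["user"].lower() in admin_names   # extend for renamed admin accounts
        and event["source"].lower() != target      # request came from another machine
    )


def shared_password_suspects(events, min_targets=2):
    """Map each source host to the targets it reached as local admin,
    keeping only sources that reached at least min_targets machines."""
    reached = defaultdict(set)
    for event in events:
        if is_remote_local_admin(event):
            reached[event["source"]].add(event["target"])
    return {src: sorted(t) for src, t in reached.items() if len(t) >= min_targets}


if __name__ == "__main__":
    for source, targets in shared_password_suspects(SAMPLE_EVENTS).items():
        print(f"{source} used a local administrator account on: {', '.join(targets)}")
```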





