Re: Share Security+Log
- From: "Lanwench [MVP - Exchange]" <lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 16 Apr 2007 14:11:27 -0400
AU <AU@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Agreed, problem is I need a reason why this was done, and if I can
provide more information on it.
Unless you can get someone to confess, it could be anyone who had admin
rights on that box.
"Lanwench [MVP - Exchange]" wrote:
AU <AU@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Hello,
It seems one of my member's of staff pc had one of his personal
folders shared without his knowledge, it was shared over the network
with full persmissions. The OS is Windows XP Pro SP2.
After finding out it was being shared, I quickly turned off the
share but now the question remains how did it get shared in the
first place?
Is there any tool or log in Windows XP that I can view to see who
ACCESSED that paricular share or when it was turned, can anyone
please shed some light on the situation.
Thanks so much
Probably not. Any auditing you would enable now, wouldn't be
retroactive anyway.
Only an administrator can set up a share - best practice is to have
users run as users only, and make sure the local administrator
credentials are secured. Keep your computers locked down as tightly
as possible.
Also, if you are in a workgroup configuration, consider moving to a
domain model (or, at least, a central server for all your file
storage). Secure the server (both physically, and via permissions),
and don't store data on workstations at all.
.
- References:
- Re: Share Security+Log
- From: Lanwench [MVP - Exchange]
- Re: Share Security+Log
- Prev by Date: Re: Share Security+Log
- Next by Date: Runas Error when trying to run a .bat file as Admin
- Previous by thread: Re: Share Security+Log
- Next by thread: Re: Share Security+Log
- Index(es):
Relevant Pages
|
