From: Alexander Klimov (alserkli@inbox.ru)
Date: Wed Oct 26 2005 - 04:20:08 EDT
On Mon, 24 Oct 2005, Goran Sevic wrote:
> While performing audit of an organisation, we found all the default
> shares including (C$ & D$) been enabled on the user's workstations. When
> asked the tech team, mentioned that these shares are needed for the
> functioning of Microsoft SMS servers.
>
> Is anyone aware of the requirement of these shares on the workstations?
> My feeling is that the ADMIN$ share on the workstations is enough for
> the operation of SMS functions.
MS hints that they can be used for backup by some 3d-party programs.
You can just delete C$, D$, ... and check if everything is still OK.
Btw, it will be shared again unless you set to 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters
AutoShareWks on a workstation and AutoShareServer on a server
-- Regards, ASK ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:06 EDT