Security Basics mailing list archives
RE: About default sharing folders in Windows
From: "Doc Farmer" <doc.farmer () qatarbank com>
Date: Thu, 5 Jun 2003 09:22:04 +0300
I find those default shares to be extremely annoying, especially on my home PC where I've got a lot of extra disk space configured. So I run a batch file at startup that whacks all of the shares - ShareKil.bat net share C$ /delete net share D$ /delete ... net share Z$ /delete net share IPC$ /delete net share ADMIN$ /delete Seems to work pretty well. Hope that was helpful. Doc Farmer Senior Manager Security and Business Continuity Qatar National Bank Doha, Qatar -----Original Message----- From: Paris Stone [mailto:paris () ciscoinstructor com] Sent: Thu 05/06/2003 01:00 To: dave; 'ParisStone'; 'stephen at unix dot za dot net' Cc: security-basics () securityfocus com Subject: RE: About default sharing folders in Windows Cut-n-Paste of my original post: ~snip~ Can't delete Administrator or Guest. RENAME & DISABLE THEM, then create dummy accounts with those two default names. ~end snip~ Disabling is easy and definitely a preferred configuration option. I've done it wherever a customer has let me. Deleting, well 3rd party utilities from another poster, I've heard about too. Never really looked into it seriously. I was too chicken-stuff! dave (dave () netmedic net) wrote: > >Actually Paris you can in theory "disable" the default admin. It just takes >a few tricks > > > >_____________________ >Dave Kleiman >dave () netmedic net >www.netmedic.net > > > > >-----Original Message----- >From: Paris Stone [mailto:paris () ciscoinstructor com] >Sent: Wednesday, June 04, 2003 13:59 >To: stephen at unix dot za dot net; dave >Cc: security-basics () securityfocus com >Subject: RE: About default sharing folders in Windows > >Can't delete Administrator or Guest. Rename & Disable them, then create >dummy >accounts with those two default names. All acl's are checked against the >SID's not >the actual name and the SID's won't change with a rename. Therefore if you >can't >delete it and renaming it won't remove the assignments, you're hosed. There >are >tools out there that will scan your filesystem for rights, can't remember >any just >now. Audit the system and manually remove rights. > >stephen at unix dot za dot net (stephen () unix za net) wrote: >> >> >>how about deleting the admininistrator account (killing that sid) >>recreating a new account, redoing the privileges for that account, >>and adding the new username to the administrator or appropriate group. >> >>then 'hack the registry' :D >> >>then you should be left with a box with no default shares, >>administrator/guest default accounts are non-existant, and the new ones >>have new SIDs. >> >>that a possible solution? >> >>oh yeh, this is my first post :D >> >> >>stephen >> >> >> >>stephen () unix za net >>tel: (031) 207 4811 >> >> >> >>On Tue, 3 Jun 2003, dave wrote: >> >>> It is best to "disable" the built in administrator account. >>> >>> Dave >>> >>> >>> >>> _____________________ >>> Dave Kleiman >>> dave () netmedic net >>> www.netmedic.net >>> >>> >>> >>> -----Original Message----- >>> From: David Gillett [mailto:gillettdavid () fhda edu] >>> Sent: Monday, June 02, 2003 17:38 >>> To: security-basics () securityfocus com >>> Subject: RE: About default sharing folders in Windows >>> >>> > I strongly suggest renaming the local Administrator and Guest account >>> > to something that is not easily guessed at. In addition, you should >>> > probably create "dummy" accounts named "Administrator" and "Guest" >>> > that have no rights/no group memberships and are disabled. Monitor >>> > the dummy accounts closely for log in attempts. >>> >>> Note that there's no point to this unless you *also* disable the >ability >>> to enumerate accounts over a null connection. The renamed Administrator >>> account will be trivial to spot by its ID otherwise. >>> >>> David Gillett >>> >>> >>> >>> >--------------------------------------------------------------------------- >>> >---------------------------------------------------------------------------- >>> >>> >>> >>> >>> >>> >--------------------------------------------------------------------------- >>> >---------------------------------------------------------------------------- >>> >>> >> >> >>--------------------------------------------------------------------------- >>--------------------------------------------------------------------------- >- >> > >-- >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >Paris Stone >CISSP, CCNP, CNE, MCSE >CIW Master Administrator / Security Analyst, NSA >http://www.ciscoinstructor.net/ >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >"The rich man is not the one with the most, but the one who needs the least" > > > >--------------------------------------------------------------------------- >---------------------------------------------------------------------------- > > > > > >--------------------------------------------------------------------------- >---------------------------------------------------------------------------- > > -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Paris Stone CISSP, CCNP, CNE, MCSE CIW Master Administrator / Security Analyst, NSA http://www.ciscoinstructor.net/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "The rich man is not the one with the most, but the one who needs the least" --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: About default sharing folders in Windows, (continued)
- RE: About default sharing folders in Windows skyfront (Jun 04)
- Re: About default sharing folders in Windows Nicholas Diotte (Jun 04)
- RE: About default sharing folders in Windows Paris Stone (Jun 04)
- Re: About default sharing folders in Windows Roger A. Grimes (Jun 04)
- RE: About default sharing folders in Windows dave (Jun 04)
- RE: About default sharing folders in Windows stephen at unix dot za dot net (Jun 05)
- RE: About default sharing folders in Windows Cosentino, Guilherme V. (Jun 04)
- RE: About default sharing folders in Windows Chris Berry (Jun 04)
- RE: About default sharing folders in Windows Paris Stone (Jun 04)
- RE: About default sharing folders in Windows Raoul Armfield (Jun 05)
- RE: About default sharing folders in Windows Doc Farmer (Jun 05)