RE: SPM2000$ Rouge Share

[Jonathan Rickman <jonathan () xcorps net>]

On Tue, 18 Mar 2003, Robinson, Jonathon wrote:

> Harlan,
>
> If I go to the management console> shared folders> shares> Right-click and
> properties> I get the following:
>
> "This has been shared for administrative purposes. The share permissions and
> file security cannot be set."
>
> However, I'm not able to reboot the server at this time as it's currently in
> production, so the reoccurrence of the share is simply an assumption.
>
> I'd just like to know why this share exists.

The software package mentioned earlier is produced by Gravity Storm
Software http://securitybastion.com. I have used this software on NT4 with
great success. It did not exhibit this behavior. I can't say that is does
not exhibit this behavior by default on Win 2000 as I have not tested it.
However, I suspect that it could have created the share for it's own use.
Most likely to facilitate the distribution of service packs and hotfixes.
The version I tested prompted you to do this on your own, perhaps newer
versions do not. The maintainer can be contacted with the addresses on the
web site.

--
Jonathan Rickman
X Corps Security
http://www.xcorps.net




----------------------------------------------------------------------------

<Pre>Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre>
<A href="http://www.securityfocus.com/stillsecure";> http://www.securityfocus.com/stillsecure </A>