Home page logo

basics logo Security Basics mailing list archives

RE: About default sharing folders in Windows
From: "Tony Bradley | NetSecurity" <netsecurity.guide () about com>
Date: Tue, 27 May 2003 12:52:09 -0400

<<i've heard that there are some default sharing folders in Windows
2000, XP like $C, $D, $ADMIN, $IPC. if i've just installed WINDOWS 2000
OS w/ default setting, how hacker can access my sharing folders and what
hacker can do? >>

The main problem lies in using weak or no password. 

These are default administrative shares. If I can get to your machine I
can attempt to connect to \\yourmachine\c$ at which point I would have
to supply an administrative username and password. If you have blank
passwords or use stuff like "password" or "123" as your password then
odds are I can get in. Once I get in I would have access to anything
that the administrator would have access to on that drive.

A recent Internet worm (Deborm) used this method of attaching to hidden
administrative shares using no or weak passwords.

I believe there might be a way in the registry to remove the
administrative shares altogether, but whether there is or isn't you need
to make sure you have strong passwords for the administrator account and
you should assign a strong password to the Guest account even if you
keep the account disabled.

Hope that helps-

Tony Bradley, CISSP, MCSE2k, MCSA, MCP, A+
About.com Guide for Internet / Network Security

Click here to sign up for the weekly Internet / Network Security
Newsletter: NetSecurity Newsletter 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]