why does win 2k insist on sharing C$ and D$?
Page 1 of 4 123 ... LastLast
Results 1 to 10 of 33

Thread: why does win 2k insist on sharing C$ and D$?

  1. #1
    Member
    Join Date
    Sep 2002
    Posts
    74

    why does win 2k insist on sharing C$ and D$?

    i run a windows 2000 sp4 and full security updates box and i turn off the default shares of C$ and D$. then i check a while later and they are turned back on! this is a huge security risk. why does 2000 insist on reseting these? i've noticed this type of behavior wtih things such as msn messenger where it resets the avatar. the box is adware, spyware, trojan, virus free. i have also tried it on many computers.

  2. #2
    Shadow Programmer mmelby's Avatar
    Join Date
    Jul 2002
    Location
    Ft. Myers, FL
    Posts
    291
    These are called Administrative Shares... Here is some information on how to control/remove them...

    http://support.microsoft.com/default...roduct=win2000

    http://support.microsoft.com/default...roduct=win2000

    Hope this helps.

    Work... Some days it's just not worth chewing through the restraints...

  3. #3
    Senior Member
    Join Date
    Sep 2003
    Posts
    161
    one note to make is that the $ sign at the end of them make them not visiable through file sharing etc..

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Also note that the C$ and D$ are only accessable by members of the administrators group so it's not the huge security risk you think it is. If your administrative shares are accessable by someone else you have bigger problems (ie somebody has administrative rights they're not supposed to).
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Senior Member cheesegoduk's Avatar
    Join Date
    May 2002
    Posts
    224
    Yes, The C$ shares are especially useful on Windows Domains, Because they allow Domain administrators to see the whole drive from any machine, whist denieing users who are not part of the admins group

  6. #6
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207

    Re: why does win 2k insist on sharing C$ and D$?

    Originally posted here by wassup
    [B]this is a huge security risk.
    How, exactly, is having the default shares, a "huge" security risk? Excuse me if I'm being pedantic but:

    1. They are only accessible to members of administrators group
    2. Those members are capable of creating shares remotely anyway, including sharing any folder they want including C and D
    3. Those members are basically capable of doing absolutely anything remotely, provided the server service is enabled.

    why does 2000 insist on reseting these?
    It's a policy setting, it may be set in the domain. But don't change it unless you understand.

    i've noticed this type of behavior wtih things such as msn messenger where it resets the avatar.
    Now you're being rediculous - MSN messenger resetting its avatar is clearly due to some bug in that program, and is totally unrelated to default shares being created.

    Slarty

  7. #7
    Member
    Join Date
    Sep 2002
    Posts
    74
    well i found a quick way to fix it. and it can be a huge security risk if you have a blank admin password. yes i know this is stupid but this is for my home network and my dad wants functionality > security. i have found a quick .reg file that seems to have fix this.

    REGEDIT4

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
    "AutoShareWks"=dword:00000000

    just put that into a file with the .reg extension and export it into the registry.

    i know about the $ signs meaning a hidden share. but any slightly experienced hacker also knows about these.

    also i didnt find a way to control it in local security policy.

  8. #8
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    Originally posted here by wassup
    well i found a quick way to fix it. and it can be a huge security risk if you have a blank admin password.
    NOOO
    you totally missed the point, idiot!

    Having a blank admin password is the security risk.

    NOT the default shares.

    Having disabled default shares, admin users CAN STILL, REMOTELY, DO ANYTHING

    Just because you can't access C$, doesn't mean you can't own the machine with the admin pw.

    Slarty

  9. #9
    Member
    Join Date
    May 2002
    Posts
    68
    Slarty pretty much nailed. I would add c$ is the least of your concerns, having dcom and netbios/smb services available over the internet is the huge security risk. Much easier target then trying to brute force even a reasonbly obscure password.
    [gloworange]
    find /home/$newbie -name *? | www.google.com 2>/dev/null
    [/gloworange]

  10. #10
    Member
    Join Date
    Sep 2002
    Posts
    74
    Originally posted here by slarty
    NOOO
    you totally missed the point, idiot!

    Having a blank admin password is the security risk.

    NOT the default shares.

    Having disabled default shares, admin users CAN STILL, REMOTELY, DO ANYTHING

    Just because you can't access C$, doesn't mean you can't own the machine with the admin pw.

    Slarty
    no i didnt miss the point. i realize that the shares in itself are not a security risk. but combined with the null admin pass it is a security risk. hell a null admin pass in itself is NOT a security risk if the users cant do anything with it. as i said i cant add a pass because my dad wants functionality over security.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •