Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 33

Thread: why does win 2k insist on sharing C$ and D$?

  1. #11
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    Originally posted here by wassup
    a null admin pass in itself is NOT a security risk if the users cant do anything with it.
    True, but turning off the default shares does NOT prevent that risk.

    In order to prevent having a null admin pass being a risk, you must not run any services which use NT authentication. This means turning off the "Server" service and ensuring that it remains off. Also, SQL server, IIS and any other network services which use NT authentication need to be disabled.

    Slarty

  2. #12
    i dont have any server services facing the outside world. if i did run any server type software on that box i would not be so stupid to leave a null admin password.

  3. #13
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Originally posted here by wassup
    i dont have any server services facing the outside world. if i did run any server type software on that box i would not be so stupid to leave a null admin password.
    If the box isn't facing the outside world, and is behind your firewall/router, then why even worry about disabling the shares? If you're not going to protect even with a password, then you are wasting you time with everything else.

    By the way, how does creating a password(s) decrease functionality?
    You just have to type it in at startup...

    Just to ensure that those drives are not being shared... simply disable the "server" service in services.msc from start, run. Or, get to it via control panel, admin tools...
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  4. #14
    i dont have any server services facing the outside world
    Yes you do. To enable file sharing you must have the "server" service running, thus the " marks.

    And as phish said why not put a simple password on it, even a short simple one(other than password) is a lot better than nothing. And you don't need to reboot your comp every day generally.

    Without it your wasting your time.

    WIth a blank admin password your hosed, hidden shares or no, give me your IP if you need a demonstration.

    Nuff said.

  5. #15
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Not setting the administrators password is a huge security risk anyone who has physical access to the pc can get administraters access. If i were you i would set a password on the administraters account asap. I,m not talking about users that are admins, win 2000 has a seperate admin account as does xp. If there is no password set then its just a case of doing ctl+alt+del at the log in then clicking ok and you have complete control of the pc.

    If your dad cant be bothered to enter a password at log in then thats ok, give him a resricted account.
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  6. #16
    AntiOnline Senior Medicine Man
    Join Date
    Nov 2001
    Posts
    724
    Maybe this is the slacker kinda way... but thats pretty much why i got into computers in the first place, so i didnt have to "work".

    Couldn't this whole ordeal be avoided by setting your firewall to deny all Netbios packets. If you need to share something you can always set to allow a single IP. Thats what i would do, and just be done with it. Thats just my two cents..
    It is better to be HATED for who you are, than LOVED for who you are NOT.

    THC/IP Version 4.2

  7. #17
    ya,

    i agree with the others, it's not the fact that they are being shared, it's the fact that Win 2k PRO comes with the Administrator account assigned a null password!!!

    There are many papers about using the netbios to gain access to networks. Try http://www.packetstormsecurity.com

  8. #18

    window=no security

    well to be honest if ur using windows and hoping to get a respectable level of security is optamistic at best!
    The C$ and D$ shares is 1 of the biggest security flaws in windows..well its not really a flaw coz its purposfully built ****..i mean IN

  9. #19
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    A friend gave me his RH-9 box to sort out a couple of problems, he failed to give me the root password.. well he didn't have to.. he some how managed to set it to null on install.. how the hell did he manage that? (fixed now- i expect i will need to pay a bit more attention on my next install)

    BTW: other than the SQL exploit (slammer et al) with weak passwords.. wasn't there a exploit for the Admin Password in XP.. a hole in IE or was that a java prob,

    Point
    The weakness is not always the unbolted door, it could be the open window..
    ..
    But if the door is unlocked why waste your time climbing in the window..

    Weak/no Admin Pass is an unbolted door, X$ shares are the open window.

    The more Idiot enabled the OS the less secure it becomes.. compare Lindows with RH/SUSE..etc or Any Current Linux with Win 2K/XP

    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  10. #20
    I think built in security is a little overated. You can't expect to ever have a well secured box right from the install thats available to the masses, if you did it would take the functionality and freedom from the user, right from the start. If the user doesn't care to set an admin password, they shouldn't be forced too. I might add if the user chooses not to set a password, the OS shouldn't be blamed for a lack of security.

    RH9 requires a root password with a mininum length, but doesn't restrict the use of the word 'password'. Which effectively nulls the whole "security" measure.

    In response to Toker's post, blocking a service is a far cry from turning it off. It just means you need to exploit the firewall before you exploit the service.
    [gloworange]
    find /home/$newbie -name *? | www.google.com 2>/dev/null
    [/gloworange]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •