why does win 2k insist on sharing C$ and D$?

Quote:

---

Originally posted here by wassup
a null admin pass in itself is NOT a security risk if the users cant do anything with it.

---

True, but turning off the default shares does NOT prevent that risk.

In order to prevent having a null admin pass being a risk, you must not run any services which use NT authentication. This means turning off the "Server" service and ensuring that it remains off. Also, SQL server, IIS and any other network services which use NT authentication need to be disabled.

Slarty

i dont have any server services facing the outside world. if i did run any server type software on that box i would not be so stupid to leave a null admin password.

Quote:

---

Originally posted here by wassup
i dont have any server services facing the outside world. if i did run any server type software on that box i would not be so stupid to leave a null admin password.

---

If the box isn't facing the outside world, and is behind your firewall/router, then why even worry about disabling the shares? If you're not going to protect even with a password, then you are wasting you time with everything else.

By the way, how does creating a password(s) decrease functionality? :confused:
You just have to type it in at startup...

Just to ensure that those drives are not being shared... simply disable the "server" service in services.msc from start, run. Or, get to it via control panel, admin tools...

Quote:

---

i dont have any server services facing the outside world

---

Yes you do. To enable file sharing you must have the "server" service running, thus the " marks.

And as phish said why not put a simple password on it, even a short simple one(other than password) is a lot better than nothing. And you don't need to reboot your comp every day generally.

Without it your wasting your time.

WIth a blank admin password your hosed, hidden shares or no, give me your IP if you need a demonstration.

Nuff said.

Not setting the administrators password is a huge security risk anyone who has physical access to the pc can get administraters access. If i were you i would set a password on the administraters account asap. I,m not talking about users that are admins, win 2000 has a seperate admin account as does xp. If there is no password set then its just a case of doing ctl+alt+del at the log in then clicking ok and you have complete control of the pc.

If your dad cant be bothered to enter a password at log in then thats ok, give him a resricted account.

Maybe this is the slacker kinda way... but thats pretty much why i got into computers in the first place, so i didnt have to "work".

Couldn't this whole ordeal be avoided by setting your firewall to deny all Netbios packets. If you need to share something you can always set to allow a single IP. Thats what i would do, and just be done with it. Thats just my two cents..

ya,

i agree with the others, it's not the fact that they are being shared, it's the fact that Win 2k PRO comes with the Administrator account assigned a null password!!!

There are many papers about using the netbios to gain access to networks. Try http://www.packetstormsecurity.com

well to be honest if ur using windows and hoping to get a respectable level of security is optamistic at best!
The C$ and D$ shares is 1 of the biggest security flaws in windows..well its not really a flaw coz its purposfully built ****..i mean IN :rolleyes:

A friend gave me his RH-9 box to sort out a couple of problems, he failed to give me the root password.. well he didn't have to.. he some how managed to set it to null on install.. how the hell did he manage that? (fixed now- i expect i will need to pay a bit more attention on my next install)

BTW: other than the SQL exploit (slammer et al) with weak passwords.. wasn't there a exploit for the Admin Password in XP.. a hole in IE or was that a java prob,

Point
The weakness is not always the unbolted door, it could be the open window..
..
But if the door is unlocked why waste your time climbing in the window..

Weak/no Admin Pass is an unbolted door, X$ shares are the open window.

The more Idiot enabled the OS the less secure it becomes.. compare Lindows with RH/SUSE..etc or Any Current Linux with Win 2K/XP

Cheers

I think built in security is a little overated. You can't expect to ever have a well secured box right from the install thats available to the masses, if you did it would take the functionality and freedom from the user, right from the start. If the user doesn't care to set an admin password, they shouldn't be forced too. I might add if the user chooses not to set a password, the OS shouldn't be blamed for a lack of security.

RH9 requires a root password with a mininum length, but doesn't restrict the use of the word 'password'. Which effectively nulls the whole "security" measure.

In response to Toker's post, blocking a service is a far cry from turning it off. It just means you need to exploit the firewall before you exploit the service.