Tech Support Guy banner
Status
Not open for further replies.
1 - 10 of 10 Posts

·
Registered
Joined
·
5 Posts
Discussion Starter · #1 ·
Whenver we reboot our NT machines, they automatically make all the disk drives SHARED. Very much a security issue. We have to manually go through each drive via explorer and deselect the share option. Why does NT keep overriding our non-share desires?
How do we stop this?
Regards,rcross
 

·
Registered
Joined
·
2,376 Posts
If you are talking about a share that ends with a $ sign, this is an hidden administrative share that only administrators can access. It is shared by design and is coded into NT and can only be disabled until the next reboot.
 

·
Registered
Joined
·
546 Posts
The drives is share, but the share is call hidden. Other can not see the drives unless they know how to look for it. The drives are shared by default. W2K does it also, but does not show the hand like NT does. You should not worry about it unless everyone have the admin password or that everyone have admin right to that computer.
 

·
Registered
Joined
·
5 Posts
Discussion Starter · #4 ·
Actually, it is a major problem. For example, one of the features of the NIMDA virus is that is looks for shared drives and directories on both the infected machine and on other machines on the network. ALso, while it may not allow those with out administrator privileges to access a particular shared drive or directory, from a security viewpoint, it gives out information to would be hackers as to what information (assuming the directories have descriptive names) is being stored on what servers, drives and directories.
Again, all I want to do is disable the automatic sharing that kicks in on all drives, everytime we reboot NT

Thanks,
Rcross
 

·
Registered
Joined
·
5 Posts
Discussion Starter · #6 ·
Installed NT 2 years ago and have always had this problem. It is the same on 4 NT or NT w/s machines. To clarify, the problem is that when we reboot these machines, every harddrive opens with the share hand in place. ALso, and this may be a clue. I notice that the share hand appears on the winnt directory as well (very dangerous).
Rgds, rcross
 

·
Registered
Joined
·
137 Posts
are you running IIS? cuz that's what nimda makes its target. all nimda is is a version of code red. yes it's more destructive but you should have no worry about these shares. they are designed for administrative access only. if you have practiced good security measures and renamed the administrator account (like all good admins should do) then nimda can not harm your pc. plus, nimda is more targeted at nt server and unless you're using this machine for some heavy duty website work or hosting a site, then you have no worry over the admin shares. hope i helped.
 

·
Registered
Joined
·
5 Posts
Discussion Starter · #8 ·
Yes, two of our NT machines run IIS 4.0 based e-commerce websites. I am thankful for your comment vis-a-vis renaming the administrator account. I have heard of this but never done it for fear of losing full access to the machine. Also, many of the software programs we run, such as SQL2000 and the e-commerce software, require a user named administrator with administrator privileges for full access. I like the idea of calling the administrator by some other name, but will these programs still recognize me?
 

·
Registered
Joined
·
137 Posts
sql server requires that it's admin account is named administrator? i did not know that one. yes it is possible to rename the admin account in windows nt, using the user manager. it is a very common practice, and one that is used very often. also, it is understandable you are running IIS, but if you were a good little admin and applied all of the security patches and updates, nimda will not trouble you. btw, word of advice, if you have the processing power on these pcs and the money to do so, switch to 2000, it's much more reliable and Active Directory is much easier to manage than the NT SAMS database. btw, i am looking up on technet about the sql server thing. i just found something too. Apparently SQL server sets up its own BUILTIN\Administrators group which gives any account in the local system administrators group (such as your administrator account) administration over the server. thus, even if you renamed the admin account, sql would understand because it is not going by user account name, it uses the groups to set up it's login permissions. try it, if sql doesn't recognize it, change it back. also, as far as your e-commerce software goes, contact the manufacturer. this is the best course of action when dealing with business software. anyways, i gotta go. hit me up on AIM at dysfunktionalX if you have any more questions, ok? later!

volrathxp
:D :D :D :D
:D :D :D :D
 
1 - 10 of 10 Posts
Status
Not open for further replies.
Top