Preventing Net Send

Posted on 2003-03-26
Medium Priority
Last Modified: 2008-03-10
I was wondering if anyone knew how to stop the use of net send messaging by changing permissions on an NTFS Drive?
Question by:NYCmusakman
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2

Accepted Solution

sorted_order earned 500 total points
ID: 8214468
The command is handled by the file net.exe. It's typically run from the system32 folder (ie: C:\windows\system32\), though there are sometimes multiple copies of it on systems (ie: C:\windows\options\cabs and/or any i386 folder copied from the Windows install CD). The other copies won't run if "net" is called from the command line - unless their location is in the system path.

Removing Execute permissions on at least the system32 copy of the file should be enough. While you're at it, if you have any internet servers setup (web, ftp, etc.) it's best to deny the usr they run under ("I_USER...") rights to the entire system32 folder. Barring any odd application requirements you can safely delete any copies of net.exe not in system32.

Expert Comment

ID: 8217534
another way is to stop the service..

Author Comment

ID: 8218734
Thanks for the quck reply.

You were right on the money.  

Thanks again !!!

Expert Comment

ID: 8219354
Stopping the service makes the "net" command unavailable to ALL users. Setting file/folder permissions gives a finer-grained control over who can and can not use the command.

Of course, both methods can be undone by anyone with administrator rights - or anyone bright enough to copy the net.exe from another system (...then rename it, place it in the system path and you can have your own private "foo" command).

Expert Comment

ID: 8223354
the problem in setting permission is that the net command is no more avaible for other purpose...
calling a script with NET USE L: \\server\Share ... ;-)

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question