We help IT Professionals succeed at work.

How do you remove a default c drive share?

mharcais
mharcais asked
on
Medium Priority
766 Views
Last Modified: 2012-08-14
Hi,

I have read that it is good security practice to remove the default c$ share on servers.

I tried adding my own one, and then removing the default c$ but as soon as I closed out of the screens I got an "The share will be restored on re-boot" message...

1) Are there implications with removing the c$ share?

2) If it is safe to remove it or re-name it, how is it done so that it doesn't restore at re-boot?

Many thanks.
Comment
Watch Question

Commented:
Hi mharcais,

You can't rename or remove. It's a security point and needed (?) to be accessed by site administrators. It will always stay there, unless you do any hard modifition (I don't know which... Maybe in registry or so...)
Anyway, as soon as you take it out, it comes back again. The only thing you can do is create passwords for your own access and for pc administrator (I mean PC administrator, not network or site administrator).

diasf
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
You can remove default shares (and here is how to do it in 2003), but yeah there are repercussions to it.

http://support.microsoft.com/default.aspx?scid=kb;en-us;816524

It will prevent some network programs from operating properly, especially some of the remote programs running from another machine... but really, it depends on exactly what you're aiming for in addition to that additional security.

Commented:
Yea, unless you need a particularly hardened server, it is better to use permissions to protect the share (the system forces them in place).

BTW, if you need to do this, some extra events will be seen... and you might not do this on your DC in any case
http://support.microsoft.com/kb/842715/en-us
To disable permanently so they will not be recreated on the next reboot, use the following Windows NT / Windows 2000 / Windows XP registry hack:

Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\LanManServer\Parameters
Name: AutoShareServer for servers
Name: AutoShareWks for workstations
Type: REG_DWORD
Value: 0

For background: Q156365. For details on disabling in Windows XP, see Q314984. In Windows 2000 and Windows XP, you disable the shares via

    * Start
    * Settings
    * Control Panel
    * Systems Tools panel
    * Shared Folders
    * Double-click the Shared Folders branch to expand it
    * Click Shares
    * In the Shared Folder column, right-click the share you want to disable
    * Click Stop sharing
    * Cick OK.

NOTE: If you disable an administrative share that you have created, it will not be automatically enabled after you restart your computer, and you will need to recreate the share.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Here's a site you can take a look at if you're into OS hardening like the last few of us have been mentioning: http://www.cisecurity.org

It's mainly a matter of figuring out exactly what suits your needs and requirements.... no need to go too far into overkill though.
Dushan De SilvaTechnology Architect

Commented:
Start --> Run --> cmd

then type following command.

net share c$ delete


BR Dushan
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Dushan - That only removes the share for the duration of the session. Once you reboot, that share would come back again, hence why the registry has to be edited.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.