SBS 2003 security risk,wide open shares like simple sharing to any machine not on domain.
Posted on 2006-05-09
I am converting from a work group to a domain with Server 2003 for small business. I set all my users up and permissions for shares. The server is basically a file server. I have sensitive data in a few folders that I need to stay private. Before I converted my last machine to the domain, I was looking at the "My Network Places" on an XP Pro SP2 machine. Every share that is on my server is wide open to this machine off the domain. When I browse to it through the network, it does not even ask for a username and password, it just offers every shared folder as though it were an XP machine using simple sharing. I have locked down with the sharing permissions and NTFS permissions to no avail. I realize that when I convert the last machine to the domain, I will have more control over the machine. However, in the building I am in there are a couple of offices that share the internet connection and router that will never be on my domain. I need to lock down this share. I have taken the "Everyone" group off every folder both in "Sharing" and "Permissons". I have only "Administrator" and the employee using the particular folder added in both tabs on every share. What else is there to do?