Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

File Security Risk

Posted on 2011-02-28
1
Medium Priority
?
530 Views
Last Modified: 2012-06-21
I've found a server on our network that I can access remotely just by browsing in Windows Explorer (starting from My Network Places and drilling down).

I can drill all the way down until I find, for instance, the following file:

\\server-here\SYSVOL\domain-here.domain.org\Policies\{9AF8586C-819F-truncated}\MACHINE\Microsoft\Windows NT\SecEdit\GptTmpl.inf

First of all, what is this file? Secondly, is access to this path and file a security risk, and if so, what are the risks?

Thanks guys.
0
Comment
Question by:isaacr25
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 3

Accepted Solution

by:
mnation1 earned 2000 total points
ID: 35004042
You've found the network share that serves out your domain's Group Policy settings to the computers on the domain.  That file contains your default security policy settings.  Everyone on the network should have read-only permissions to the folder you found, but not modify or write permissions.  Each machine and user needs to be able to read those settings so they can be downloaded and applied to each computer/user.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
How does someone stay on the right and legal side of the hacking world?
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question