Link to home
Start Free TrialLog in
Avatar of Pau Lo
Pau Lo

asked on

Open Shares Windows 2003 Server

If you have say a open file share on a database server, am I right in thinking if say the Everyone group or Domain Users group had write access to that share that a disgruntled employee or malicious insider may be able to save a sniffer/packet analyzer on that share that would then sniff traffic in the same subnet as the database server? And what about key loggers, if you install it on a share that is say the servers E drive, yet the server OS is installed on the servers C, is the keylogger of no real threat once installed on an E drive?

The reason I ask is our admin has said there is no real danger in leaving an SQL Server mdf/ldf file on an open share, I am pretty sure the user cant just copy the mdf away as it would be locked by the server, but I am not sure if they could do any other mischief on the open share on what would be classed as a sensitive server. It is a large internal network userbase (5k users).
ASKER CERTIFIED SOLUTION
Avatar of Brian Pierce
Brian Pierce
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of mlongoh
mlongoh
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Pau Lo
Pau Lo

ASKER

Kcts, if its an mdf if you try and copy and paste it it says access denied, are you saying even if the sql service locks it you can copy it away?
Avatar of mlongoh
mlongoh
Flag of United States of America image
There is no harm in restricting access to the MDF/LDF files - it's probably more secure to do so as long as users don't need access to them.
Avatar of Brian Pierce
Brian Pierce
Flag of United Kingdom of Great Britain and Northern Ireland image
You can copy open files - there are numerous utilities to do just that - however its going to be verry difficult to stop anyone who has legitimage access to a file from copying it - if a user has the right to read, then they can copy.
Avatar of Pau Lo
Pau Lo

ASKER

Can you list some tools so I can verify this and demonstrate the risk to the admin
Avatar of Brian Pierce
Brian Pierce
Flag of United Kingdom of Great Britain and Northern Ireland image
Just google 'copy locked files' - there is a lot of stuff out there
Avatar of Pau Lo
Pau Lo

ASKER

Are you referring to stuff like hobocopy? Does that honestly work on mdf files?
Avatar of Pau Lo
Pau Lo

ASKER

Does the version of the server OS come into this or is that irrelevant?
Avatar of Brian Pierce
Brian Pierce
Flag of United Kingdom of Great Britain and Northern Ireland image
I assume you mean robocopy  - thats one option - or xcopy for that matter, as well of lots of 3rd party stuff
http://supercopy.codeplex.com/
http://www.backupforall.com/open-file-backup.php
maybe even VBA - (not sure this would work for an MDF file - http://word.mvps.org/FAQs/MacrosVBA/CopyOpenFile.htm
Avatar of Pau Lo
Pau Lo

ASKER

Ok thanks, and does the version of the server with the open share affect if these tools will work or not?