Pau Lo
asked on
Open Shares Windows 2003 Server
If you have say a open file share on a database server, am I right in thinking if say the Everyone group or Domain Users group had write access to that share that a disgruntled employee or malicious insider may be able to save a sniffer/packet analyzer on that share that would then sniff traffic in the same subnet as the database server? And what about key loggers, if you install it on a share that is say the servers E drive, yet the server OS is installed on the servers C, is the keylogger of no real threat once installed on an E drive?
The reason I ask is our admin has said there is no real danger in leaving an SQL Server mdf/ldf file on an open share, I am pretty sure the user cant just copy the mdf away as it would be locked by the server, but I am not sure if they could do any other mischief on the open share on what would be classed as a sensitive server. It is a large internal network userbase (5k users).
The reason I ask is our admin has said there is no real danger in leaving an SQL Server mdf/ldf file on an open share, I am pretty sure the user cant just copy the mdf away as it would be locked by the server, but I am not sure if they could do any other mischief on the open share on what would be classed as a sensitive server. It is a large internal network userbase (5k users).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
There is no harm in restricting access to the MDF/LDF files - it's probably more secure to do so as long as users don't need access to them.
You can copy open files - there are numerous utilities to do just that - however its going to be verry difficult to stop anyone who has legitimage access to a file from copying it - if a user has the right to read, then they can copy.
ASKER
Can you list some tools so I can verify this and demonstrate the risk to the admin
Just google 'copy locked files' - there is a lot of stuff out there
ASKER
Are you referring to stuff like hobocopy? Does that honestly work on mdf files?
ASKER
Does the version of the server OS come into this or is that irrelevant?
I assume you mean robocopy - thats one option - or xcopy for that matter, as well of lots of 3rd party stuff
http://supercopy.codeplex.com/
http://www.backupforall.com/open-file-backup.php
maybe even VBA - (not sure this would work for an MDF file - http://word.mvps.org/FAQs/MacrosVBA/CopyOpenFile.htm
http://supercopy.codeplex.com/
http://www.backupforall.com/open-file-backup.php
maybe even VBA - (not sure this would work for an MDF file - http://word.mvps.org/FAQs/MacrosVBA/CopyOpenFile.htm
ASKER
Ok thanks, and does the version of the server with the open share affect if these tools will work or not?
ASKER