Solved

CD drives as open shares

Posted on 2011-09-20
9
255 Views
Last Modified: 2012-05-12
I ran a tool called "shareenum" which basically lists all shares in the domain. On a load of workstations it lists the D drive which on closer inspection seems to be the CD/DVD drive as readable by the everyone group. I also noticed a lot of shares called stuff like "OLD PC" on users machines that again open to everyone? Why would this be? Is this a security problem or have I misread the data? Is this a common issue? Most the machines are still running XP
0
Comment
Question by:pma111
9 Comments
 
LVL 9

Accepted Solution

by:
Lester_Clayton earned 250 total points
Comment Utility
If you find shares on the network, it's because people have shared them.  The only kinds of shares which are automatically created are Administrative shares - like c$.

The share permission "Everyone" does not mean everybody has access to it.  The share permission allows people to connect to or open the share - but they still need directory permissions to list the contents of it.  They'll get the most restricted rights from the two combined.

This is a common issue if your users are all administrators of their local machines.  It means they can share stuff willy nilly :)
0
 
LVL 3

Author Comment

by:pma111
Comment Utility
I cant see why a CD/DVD drive would need to be a "share" anyway?  Can anyone think of a reason why? Another thing that confuses me is such users dont have admin rights on there machines, some have power user but I didnt think they could amend ACL's for that.
0
 
LVL 8

Assisted Solution

by:subhashchy
subhashchy earned 250 total points
Comment Utility
The reason for sharing CD drives is to, Put a Media in one of the PC and all network users (your users are most often Friends who likes to share stuff between each other) and then access it. that;s what we do in our organization :P.
 
Should not be a problem, as the users which are not part of the domain,will not be able to access it anyway.
0
 
LVL 3

Author Comment

by:pma111
Comment Utility
What if they put sensitive data in there disk drive and then 5000 people could potentially open it, of which probably 5 would know the user and have a genuine business need for accessing it.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 9

Expert Comment

by:Lester_Clayton
Comment Utility
These are all very valid points yes, but it doesn't change the fact that users who have administrative rights on their machines can do things like this.

You should consider finding a more secure business model - for example, users should be regular users and not administrators - which means they can't start sharing drives or folders at will.
0
 
LVL 3

Author Comment

by:pma111
Comment Utility
They are not administrators though - there is probably a handful of 5000 who have local admin rights the rest dont have this permission. Some may have power user rights - is that enough?
0
 
LVL 59

Expert Comment

by:LeeTutor
Comment Utility
I've requested that this question be deleted for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
 
LVL 3

Author Comment

by:pma111
Comment Utility
will split points
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Storage devices are generally used to save the data or sometime transfer the data from one computer system to another system. However, sometimes user accidentally erased their important data from the Storage devices. Users have to know how data reco…
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now