• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 302
  • Last Modified:

CD drives as open shares

I ran a tool called "shareenum" which basically lists all shares in the domain. On a load of workstations it lists the D drive which on closer inspection seems to be the CD/DVD drive as readable by the everyone group. I also noticed a lot of shares called stuff like "OLD PC" on users machines that again open to everyone? Why would this be? Is this a security problem or have I misread the data? Is this a common issue? Most the machines are still running XP
0
pma111
Asked:
pma111
2 Solutions
 
Lester_ClaytonCommented:
If you find shares on the network, it's because people have shared them.  The only kinds of shares which are automatically created are Administrative shares - like c$.

The share permission "Everyone" does not mean everybody has access to it.  The share permission allows people to connect to or open the share - but they still need directory permissions to list the contents of it.  They'll get the most restricted rights from the two combined.

This is a common issue if your users are all administrators of their local machines.  It means they can share stuff willy nilly :)
0
 
pma111Author Commented:
I cant see why a CD/DVD drive would need to be a "share" anyway?  Can anyone think of a reason why? Another thing that confuses me is such users dont have admin rights on there machines, some have power user but I didnt think they could amend ACL's for that.
0
 
subhashchyCommented:
The reason for sharing CD drives is to, Put a Media in one of the PC and all network users (your users are most often Friends who likes to share stuff between each other) and then access it. that;s what we do in our organization :P.
 
Should not be a problem, as the users which are not part of the domain,will not be able to access it anyway.
0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 
pma111Author Commented:
What if they put sensitive data in there disk drive and then 5000 people could potentially open it, of which probably 5 would know the user and have a genuine business need for accessing it.
0
 
Lester_ClaytonCommented:
These are all very valid points yes, but it doesn't change the fact that users who have administrative rights on their machines can do things like this.

You should consider finding a more secure business model - for example, users should be regular users and not administrators - which means they can't start sharing drives or folders at will.
0
 
pma111Author Commented:
They are not administrators though - there is probably a handful of 5000 who have local admin rights the rest dont have this permission. Some may have power user rights - is that enough?
0
 
LeeTutorretiredCommented:
I've requested that this question be deleted for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
 
pma111Author Commented:
will split points
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now