HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 30 guests and 1 member online
EH-Net Donations

Enter Amount:
$
EH-Net News Feeds
Latest Additions
Google Ads
Book Recommendations



 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Otherarrow open share vulnerability
EH-Net
March 18, 2010, 12:58:20 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: open share vulnerability  (Read 2543 times)
0 Members and 2 Guests are viewing this topic.
Hack_80
Jr. Member
**
Offline Offline

Posts: 50


View Profile
« on: January 19, 2010, 07:06:20 AM »
Hi,
Happy new year... Smiley

I am loking for the solution for share folder configured for Authenticated user & every one access . By default we have our corporate requirement to unblock the share access for some official reason. :(We ha ve multiple domains and we dont wont the shared folder to be enabled for entire domain or other domains by appying Authenticated user or every one access on shared folders. Is there any way to disable the authenticated users or everyone access through registry tweak? Huh on system.
Kindly help ......
Logged
bamed
Newbie
*
Offline Offline

Posts: 25


View Profile WWW
« Reply #1 on: January 19, 2010, 09:02:37 AM »
Maybe I'm missing something here.  What I gather is that you have a file share (or shares?) that currently have permission set so that "Authenticated Users" and "Everyone" have access (read and write?).  You want to limit access to these shares.  So, is there a reason you can't simply remove these groups and add only the users/groups you want to have access?
Also, could you define the "corporate requirements"?  If your company requires everyone access on all shares, you need to rethink your security policy.  Also, if you're not in IT, you should NOT be messing with the registry, or your security settings  AT ALL!  If you have security concerns, discuss them with IT.  If you are IT, I'm still missing what the issue is here.
Are you maybe trying to prevent users from creating shares with default permissions for "Everyone"?
Please clarify.
Logged
chown -R bamed ./base
Hack_80
Jr. Member
**
Offline Offline

Posts: 50


View Profile
« Reply #2 on: January 19, 2010, 09:51:28 PM »
Bieng an IT guy I am looking to prevent users from creating shares with default permissions for "Everyone" or "Authendticated users" write access..
« Last Edit: January 19, 2010, 09:54:12 PM by Hack_80 » Logged
termight
Newbie
*
Offline Offline

Posts: 18


View Profile
« Reply #3 on: January 20, 2010, 02:09:16 AM »
Hi,
     if it's your aim to prevent write access for everyone group and auth user then you need to uncheck the write access and give them read, also you can block inheritance form the main folder. if this is not the answer you expect then clearify your quetion.

termight
............
MCSE+security
Logged
Hack_80
Jr. Member
**
Offline Offline

Posts: 50


View Profile
« Reply #4 on: January 20, 2010, 04:32:17 AM »
I m looking for the solution for about 12000 machines.
Looking for any mechanism for discontinuing the access for authenticated users and everyone grou on shared folders.
Logged
Ketchup
Hero Member
*****
Offline Offline

Posts: 713



View Profile
« Reply #5 on: January 20, 2010, 07:10:11 AM »
How about a logon script that removes the Shares or changes the Permissions?  You can do this with plain old "net share" command or use a more advanced scripting language, such as VBScript or PowerShell. 
Logged
~~~~~~~~~~~~~~
Ketchup
bamed
Newbie
*
Offline Offline

Posts: 25


View Profile WWW
« Reply #6 on: January 20, 2010, 07:29:59 AM »
I found a vbscript at http://www.tek-tips.com/viewthread.cfm?qid=1158235&page=1 that looks like it does what you want.  Give it a try.
Logged
chown -R bamed ./base
Hack_80
Jr. Member
**
Offline Offline

Posts: 50


View Profile
« Reply #7 on: February 08, 2010, 10:38:46 PM »
hi Bemed,
    The below script has been working for specified shared folder.
Still looking for the script which will scan and remove the share configured for authenticated users and Everyone group.



Thanks in advance
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.046 seconds with 22 queries.
 
Polls
Best Career Move in 2010:
 
Support EH-Net

eh-net_amazonstore.jpg
Help Support EH-Net with Our Amazon Store

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2010 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.