Everyone must go

Remove the "Everyone" group from your drive permissions and replace it with "Authenticated Users" for better security.

This tip was submitted to the SearchWin2000.com Tip Exchange by member Scot Hatt.


A quick way to remove a threat on your NTFS-based system is to remove the "Everyone" group from your drive permissions and replace it with "Authenticated Users". This will stop the casual access that is provided by default in NT/2000. You may want to add the following groups alongside the "AUs": "Administrators", "Creator Owner" and "System". This way you can assign "Full Control" to the latter three groups and "Read/Write/Execute" to the "AU" group, further limiting access.

So the permissions on the root of the drives will look like this:

Administrators = Full Control
Authenticated Users = RWX
Creator Owner = Full Control
System = Full Control

The "Documents and Settings" or "WinNT\Profiles" directories on your system drive should also be protected in this way. Under this area, the subfolder "Administrator" should only have the following permission groups:

Administrators = Full Control
System = Full Control

"All Users" and "Default User" folders under "Documents and Settings" should not allow write permission for the "Authenticated Users". They have no reason to write.

These steps can be scripted with the "XCACLS" utility from the NT4 resource kit. Setting these permissions can severely hinder casual access to your NTFS resources.
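To confirm the result after applying the permissions above, the following added example (not part of the original tip, and written in PowerShell rather than XCACLS) performs a read-only audit: it reports any allow entry for "Everyone" on the drive root and any write access for "Authenticated Users" on the "All Users" and "Default User" folders. The default paths and PowerShell 3.0 or later are assumptions; pass your own paths for other layouts.

```powershell
# Added example: read-only audit of the ACL layout the tip describes.
# Assumption: Windows 2000-era folder names under %SystemDrive%; override the parameters otherwise.
param(
    [string[]]$Roots     = @("$env:SystemDrive\"),
    [string[]]$NoAuWrite = @("$env:SystemDrive\Documents and Settings\All Users",
                             "$env:SystemDrive\Documents and Settings\Default User")
)

# Well-known SIDs are used so the check does not depend on localized group names.
$Everyone  = 'S-1-1-0'    # Everyone
$AuthUsers = 'S-1-5-11'   # Authenticated Users
$SidType   = [System.Security.Principal.SecurityIdentifier]

# Bits that allow creating or modifying content: WriteData, AppendData,
# plus GENERIC_WRITE and GENERIC_ALL, which can appear unmapped in inherit-only ACEs.
$WriteMask = 0x2 -bor 0x4 -bor 0x40000000 -bor 0x10000000

function Get-AllowRules([string]$Path) {
    # Explicit and inherited ACEs, with identities returned as SIDs.
    (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $SidType) |
        Where-Object { $_.AccessControlType -eq 'Allow' }
}

$findings = foreach ($path in ($Roots + $NoAuWrite)) {
    if (-not (Test-Path -LiteralPath $path)) { continue }   # skip paths absent on this system
    foreach ($rule in (Get-AllowRules $path)) {
        $sid    = $rule.IdentityReference.Value
        $rights = [int]$rule.FileSystemRights
        if ($sid -eq $Everyone) {
            [pscustomobject]@{ Path = $path; Issue = 'Everyone has an allow ACE'
                               Rights = $rule.FileSystemRights }
        }
        elseif ($sid -eq $AuthUsers -and $NoAuWrite -contains $path -and ($rights -band $WriteMask)) {
            [pscustomobject]@{ Path = $path; Issue = 'Authenticated Users can write'
                               Rights = $rule.FileSystemRights }
        }
    }
}

if ($findings) { $findings | Format-Table -AutoSize } else { 'No findings for the audited paths.' }
```

The script changes nothing on disk, so it can be run before and after the permission change to compare results.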


This was last published in March 2002
