As we know, all versions of Microsoft Windows provide a workstation with the ability to share files or folders across a network with other workstations. This ability to share files permits a host to manipulate remote files just as if they were local. But improper configuration of network shares can expose critical system files, or even worse, allow a user or program to take full control of the host.
Unknowingly opening your systems by trying to improve convenience for co-workers and even outside partners can offer a welcome invitation for hackers to do some serious destruction. So you should take care that you ensure proper configuration of network shares, thereby reducing the risks of unauthorized entry to your network. If users want to share important information with other users of the network, you can create a secure share in the file server.
Here are ways to reduce the risk of unwanted access to your network via shares:
- Disable sharing whenever it is not required.
- Do not permit sharing with hosts on the Internet. If files need to come over the Internet, do it through FTP or HTTP.
- Configure the shares so a password is required to connect to the share with the remote user, accessing only the minimum folders required.
- Permit write access only when it is absolutely required.
As an added
Adesh Rampat has 10 years experience with network and IT administration. He is a member of the Association Of Internet Professionals, the Institute For Network Professionals, and the International Webmasters Association. He has also lectured extensively on a variety of topics.
This was first published in October 2002