Make sure to secure your shares

Secure your shares to make sure you don't leave your system files exposed.

As we know, all versions of Microsoft Windows provide a workstation with the ability to share files or folders across a network with other workstations. This ability to share files permits a host to manipulate remote files just as if they were local. But improper configuration of network shares can expose critical system files, or even worse, allow a user or program to take full control of the host.

Unknowingly opening your systems by trying to improve convenience for co-workers and even outside partners can offer a welcome invitation for hackers to do some serious destruction. So you should take care that you ensure proper configuration of network shares, thereby reducing the risks of unauthorized entry to your network. If users want to share important information with other users of the network, you can create a secure share in the file server.

Here are ways to reduce the risk of unwanted access to your network via shares:

  • Disable sharing whenever it is not required.
  • Do not permit sharing with hosts on the Internet. If files need to come over the Internet, do it through FTP or HTTP.
  • Configure the shares so a password is required to connect to the share with the remote user, accessing only the minimum folders required.
  • Permit write access only when it is absolutely required.

As an added precaution, block these ports on your firewall:

TCP 137-139

UDP 137-139


Adesh Rampat has 10 years experience with network and IT administration. He is a member of the Association Of Internet Professionals, the Institute For Network Professionals, and the International Webmasters Association. He has also lectured extensively on a variety of topics.


This was first published in October 2002

Dig deeper on Microsoft Windows Data Backup and Protection

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close