
Everyone must go

Remove the "Everyone" group from your drive permissions and replace it with "Authenticated Users" for better security.

This tip was submitted to the Tip Exchange by member Scot Hatt.

A quick way to remove a threat on your NTFS-based system is to remove the "Everyone" group from your drive permissions and replace it with "Authenticated Users". This stops the casual access that NT/2000 provides by default. You may want to add the following groups along with the "AUs": "Administrators", "Creator Owner" and "System". This way you can assign "Full Control" to the latter three groups and "Read/Write/Execute" to the "AU" group, further limiting access.

So the permissions on the root of the drives will look like this:

Administrators = Full Control
Authenticated Users = RWX
Creator Owner = Full Control
System = Full Control

The "Documents and Settings" or "WinNT\Profiles" directories on your system drive should also be protected in this way. Under this area, the subfolder "Administrator" should have only the following permission groups:

Administrators = Full Control
System = Full Control

"All Users" and "Default User" folders under "Documents and Settings" should not allow write permission for the "Authenticated Users". They have no reason to write.

These steps can be scripted with the "XCACLS" utility from the NT4 resource kit. Setting these permissions can severely hinder casual access to your NTFS resources.
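
A read-only check of the layout described above, as an added example that is not part of the original tip. It uses PowerShell's Get-Acl rather than XCACLS, and the profile path and the set of rights treated as "write" are assumptions.

```powershell
# Added example: read-only audit of the ACL layout in this tip; changes nothing.
# Assumption: profiles live under C:\Documents and Settings, as in the tip.
$ProfileRoot = 'C:\Documents and Settings'
$Everyone    = 'S-1-1-0'                     # well-known SID: Everyone
$AuthUsers   = 'S-1-5-11'                    # well-known SID: Authenticated Users
$Allowed     = 'S-1-5-32-544', 'S-1-5-18'    # Administrators, SYSTEM
$SidType     = [System.Security.Principal.SecurityIdentifier]
# Assumption: these rights, plus GENERIC_WRITE/GENERIC_ALL, count as "write".
$WriteRights = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, WriteAttributes, WriteExtendedAttributes, Delete, DeleteSubdirectoriesAndFiles'
$WriteMask   = ([int]$WriteRights) -bor 0x50000000

function Get-AllowAce([string]$Path) {
    # Allow entries (explicit and inherited) with identities returned as SIDs.
    (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $SidType) |
        Where-Object { $_.AccessControlType -eq 'Allow' }
}

$findings = @()

# 1. Roots of fixed NTFS drives: "Everyone" should have no entry at all.
foreach ($drive in [System.IO.DriveInfo]::GetDrives()) {
    if (-not $drive.IsReady -or $drive.DriveType -ne 'Fixed' -or $drive.DriveFormat -ne 'NTFS') { continue }
    foreach ($ace in Get-AllowAce $drive.Name) {
        if ($ace.IdentityReference.Value -eq $Everyone) {
            $findings += "$($drive.Name) Everyone has $($ace.FileSystemRights)"
        }
    }
}

# 2. Administrator profile: only Administrators and SYSTEM should appear.
$adminProfile = Join-Path $ProfileRoot 'Administrator'
if (Test-Path -LiteralPath $adminProfile) {
    foreach ($ace in Get-AllowAce $adminProfile) {
        if ($Allowed -notcontains $ace.IdentityReference.Value) {
            $findings += "${adminProfile}: unexpected entry $($ace.IdentityReference.Value)"
        }
    }
}

# 3. "All Users" and "Default User": Authenticated Users must not be able to write.
foreach ($name in 'All Users', 'Default User') {
    $dir = Join-Path $ProfileRoot $name
    if (-not (Test-Path -LiteralPath $dir)) { continue }
    foreach ($ace in Get-AllowAce $dir) {
        $canWrite = ([int]$ace.FileSystemRights) -band $WriteMask
        if ($ace.IdentityReference.Value -eq $AuthUsers -and $canWrite) {
            $findings += "${dir}: Authenticated Users can write ($($ace.FileSystemRights))"
        }
    }
}

if ($findings) { $findings } else { 'ACLs match the layout in this tip.' }
```

Comparing SIDs rather than group names keeps the check correct on localized Windows installations, where "Everyone" and "Authenticated Users" are displayed under translated names.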
