Sign in with
Sign up | Sign in
Your question

Are hidden shares safe from discovery

Last response: in Windows XP
Share
Anonymous
May 31, 2005 11:30:05 AM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I'm looking at methods to secure my wireless network in addition to
encryption used by the router and adaptors. Which would be to hide the
folders being shared across my internal LAN. When the shares are
hidden, is there any way for them to be discovered if by change someone
was able to get through and connect to my router? My PCs are installed
with WindowsXP SP1 and SP2.
Anonymous
May 31, 2005 11:50:15 AM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

"d28" <kevindu28@yahoo.com> wrote in message
news:1117549805.211054.171600@g49g2000cwa.googlegroups.com...
> I'm looking at methods to secure my wireless network in addition to
> encryption used by the router and adaptors. Which would be to hide the
> folders being shared across my internal LAN. When the shares are
> hidden, is there any way for them to be discovered if by change someone
> was able to get through and connect to my router? My PCs are installed
> with WindowsXP SP1 and SP2.
>

Anyone with administrator permissions can see the shares. You have to use
strong passwords on all accounts or someone could easily crack your password
and get access. By default all accounts have administrator permissions so
make sure all users on all pc's are using a strong password. If you are
using XP Pro turn off simple file sharing, make sure all volumes are using
NTFS, and restrict access by NTFS permissions.

http://msdn.microsoft.com/library/default.asp?url=/libr...

http://www.microsoft.com/resources/documentation/window...

http://support.microsoft.com/default.aspx?scid=kb;en-us;304040

http://support.microsoft.com/default.aspx?scid=kb;en-us;307874

Kerry
Anonymous
May 31, 2005 12:10:41 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

In terms of access, it would have to come from an attack through the
wireless connection to the router. No one will have physical access to
the LAN PCs. So the scenario I'm trying to paint would be someone who
gained access through the router and my router assigns an IP address
because DHCP is enabled. Once connected can the attacker then discover
what the hidden shares are?
Related resources
Anonymous
May 31, 2005 12:42:44 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

"d28" <kevindu28@yahoo.com> wrote in message
news:1117552241.040838.219140@z14g2000cwz.googlegroups.com...
> In terms of access, it would have to come from an attack through the
> wireless connection to the router. No one will have physical access to
> the LAN PCs. So the scenario I'm trying to paint would be someone who
> gained access through the router and my router assigns an IP address
> because DHCP is enabled. Once connected can the attacker then discover
> what the hidden shares are?
>

See my previous post. Once they have access to your lan everything in it
applies. It doesn't matter how they get access wired or wireless is the same
once they are connected. There are many programs available for hacking into
a computer once you are on the lan. Strong passwords and NTFS permissions
are good enough to defeat most hackers (i.e the neighbour's teenager). For a
truly determined hacker you would have to implement IPSEC and even that
might not work. That is the danger of wireless.

Kerry
Anonymous
May 31, 2005 1:17:45 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Which programs? That's what I'm trying to get at. And if as you said,
someone were to remotely connect to my WLAN as an administator, they
are only administrator on thier machine, right? I don't have the remote
desktop service running or anything like that. I have only XP Home
machines making passwords irrelevant in file sharing. My only method to
somewhat to protect the shared folders is through the hidden share
(share$) method.
Anonymous
May 31, 2005 2:41:52 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

"d28" <kevindu28@yahoo.com> wrote in message
news:1117556265.633489.42770@z14g2000cwz.googlegroups.com...
> Which programs? That's what I'm trying to get at. And if as you said,
> someone were to remotely connect to my WLAN as an administator, they
> are only administrator on thier machine, right? I don't have the remote
> desktop service running or anything like that. I have only XP Home
> machines making passwords irrelevant in file sharing. My only method to
> somewhat to protect the shared folders is through the hidden share
> (share$) method.
>

Someone trying to hack your LAN will probably not be using Windows XP. The
shares are only hidden from Windows clients. If they can access the LAN they
can access the shares if they have a password. If you have file sharing
enabled there are programs to use a brute force method to crack your
password. I am not going to post a tutorial on how to hack into a computer.
Just be assured that it can be done if they have access to your LAN. Using
strong passwords makes this harder. You can use NTFS permissions with XP
Home.

http://www.tweakhound.com/xp/xpperm/xpPerm1.htm

This will add another layer of protection. XP Home was not designed to be
secure on a network. You can make it somewhat secure. That is the best it
does.

Possibly your router can do MAC filtering. If you set that up it would be
much harder for someone to acquire access to the LAN.

http://www.google.com/search?hl=en&q=wireless+router+MA...

To be 100% secure would require XP Pro, an offline certificate server with
IPSEC, a secure DHCP server or static IP's, a secure DNS server, and a
wireless router with a very sophisticated firewall. Even then you would have
to monitor for intrusions. Security is a very complex subject. Wireless
networking just adds to the problem. If you take reasonable precautions and
use WPA encryption and NTFS permissions with wireless networking I would be
more worried about malware from the internet than someone hacking your
wireless network. If your data is really that sensitive you need outside
help and a lot of money.

Kerry
!