Wednesday, July 30, 2008

Disable Administrative shares

Every Windows NT/W2K/XP/Vista/2003 machine automatically creates a share for each drive on the system. These shares are hidden but available with full control to administrators. Each share is named with the drive letter followed by the $ sign. If you are aiming for a highly secure network, you may wish to address this potential security issue by disabling these shares.

It is possible to simply remove the share from Server Manager (in NT) or Shared Folders (in W2K/XP/Vista/2003), but the shares will automatically be recreated when the machine reboots.

You can disable these shares permanently by changing the following registry entries:

Servers:
Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\LanManServer\Parameters
Name: AutoShareServer
Data Type: REG_DWORD
Value: 0

Workstations:
Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\LanManServer\Parameters
Name: AutoShareWks
Data Type: REG_DWORD
Value: 0

If you can't find the value under that exact location in the registry, create it.

A reboot is necessary for this to take effect.
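
The registry change above as a script, added here as an example and not part of the original post. It assumes an elevated PowerShell 3.0 or later session; using the Win32_OperatingSystem ProductType to choose between the server and workstation value is this example's own choice.

```powershell
# Added example: set the AutoShare value described above and report what is still shared.
# Assumption: run from an elevated PowerShell 3.0+ prompt on the machine being hardened.
$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters'

# ProductType: 1 = workstation, 2 = domain controller, 3 = member server
$productType = (Get-CimInstance -ClassName Win32_OperatingSystem).ProductType
$name = if ($productType -eq 1) { 'AutoShareWks' } else { 'AutoShareServer' }

# Read the current value; the value may not exist yet, in which case this is $null
$current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name

if ($current -eq 0) {
    Write-Output "$name is already 0; nothing to change."
} else {
    # -Force creates the value if it is missing and overwrites it (as REG_DWORD) if present
    New-ItemProperty -Path $key -Name $name -PropertyType DWord -Value 0 -Force | Out-Null
    $was = if ($null -eq $current) { 'not present' } else { $current }
    Write-Output "$name set to 0 (previous state: $was)."
}

# Confirm what was written, including the registry value type
$item = Get-Item -Path $key
Write-Output ("Registry now holds {0} = {1} ({2})" -f `
    $name, $item.GetValue($name), $item.GetValueKind($name))

# Drive-letter shares (C$, D$, ...) that exist right now. They remain until the
# reboot; run this part again after restarting to verify they were not recreated.
$driveShares = Get-CimInstance -ClassName Win32_Share |
    Where-Object { $_.Name -match '^[A-Za-z]\$$' }

if ($driveShares) {
    Write-Output 'Drive shares currently present:'
    $driveShares | ForEach-Object { Write-Output ("  {0} -> {1}" -f $_.Name, $_.Path) }
} else {
    Write-Output 'No drive-letter administrative shares are present.'
}
```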
